1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright (c) 1991, 2010, Oracle and/or its affiliates. All rights reserved. 23 * Copyright (c) 1990 Mentat Inc. 24 */ 25 26 /* 27 * This file contains the interface control functions for IP. 28 */ 29 30 #include <sys/types.h> 31 #include <sys/stream.h> 32 #include <sys/dlpi.h> 33 #include <sys/stropts.h> 34 #include <sys/strsun.h> 35 #include <sys/sysmacros.h> 36 #include <sys/strsubr.h> 37 #include <sys/strlog.h> 38 #include <sys/ddi.h> 39 #include <sys/sunddi.h> 40 #include <sys/cmn_err.h> 41 #include <sys/kstat.h> 42 #include <sys/debug.h> 43 #include <sys/zone.h> 44 #include <sys/sunldi.h> 45 #include <sys/file.h> 46 #include <sys/bitmap.h> 47 #include <sys/cpuvar.h> 48 #include <sys/time.h> 49 #include <sys/ctype.h> 50 #include <sys/kmem.h> 51 #include <sys/systm.h> 52 #include <sys/param.h> 53 #include <sys/socket.h> 54 #include <sys/isa_defs.h> 55 #include <net/if.h> 56 #include <net/if_arp.h> 57 #include <net/if_types.h> 58 #include <net/if_dl.h> 59 #include <net/route.h> 60 #include <sys/sockio.h> 61 #include <netinet/in.h> 62 #include <netinet/ip6.h> 63 #include <netinet/icmp6.h> 64 #include <netinet/igmp_var.h> 65 #include <sys/policy.h> 66 #include <sys/ethernet.h> 67 #include <sys/callb.h> 68 #include <sys/md5.h> 69 70 #include <inet/common.h> /* for various inet/mi.h and inet/nd.h needs */ 71 #include <inet/mi.h> 72 #include <inet/nd.h> 73 #include <inet/tunables.h> 74 #include <inet/arp.h> 75 #include <inet/ip_arp.h> 76 #include <inet/mib2.h> 77 #include <inet/ip.h> 78 #include <inet/ip6.h> 79 #include <inet/ip6_asp.h> 80 #include <inet/tcp.h> 81 #include <inet/ip_multi.h> 82 #include <inet/ip_ire.h> 83 #include <inet/ip_ftable.h> 84 #include <inet/ip_rts.h> 85 #include <inet/ip_ndp.h> 86 #include <inet/ip_if.h> 87 #include <inet/ip_impl.h> 88 #include <inet/sctp_ip.h> 89 #include <inet/ip_netinfo.h> 90 #include <inet/ilb_ip.h> 91 92 #include <netinet/igmp.h> 93 #include <inet/ip_listutils.h> 94 #include <inet/ipclassifier.h> 95 #include <sys/mac_client.h> 96 #include <sys/dld.h> 97 #include <sys/mac_flow.h> 98 99 #include <sys/systeminfo.h> 100 #include <sys/bootconf.h> 101 102 #include <sys/tsol/tndb.h> 103 #include <sys/tsol/tnet.h> 104 105 #include <inet/rawip_impl.h> /* needed for icmp_stack_t */ 106 #include <inet/udp_impl.h> /* needed for udp_stack_t */ 107 108 /* The character which tells where the ill_name ends */ 109 #define IPIF_SEPARATOR_CHAR ':' 110 111 /* IP ioctl function table entry */ 112 typedef struct ipft_s { 113 int ipft_cmd; 114 pfi_t ipft_pfi; 115 int ipft_min_size; 116 int ipft_flags; 117 } ipft_t; 118 #define IPFT_F_NO_REPLY 0x1 /* IP ioctl does not expect any reply */ 119 #define IPFT_F_SELF_REPLY 0x2 /* ioctl callee does the ioctl reply */ 120 121 static int nd_ill_forward_get(queue_t *, mblk_t *, caddr_t, cred_t *); 122 static int nd_ill_forward_set(queue_t *q, mblk_t *mp, 123 char *value, caddr_t cp, cred_t *ioc_cr); 124 125 static boolean_t ill_is_quiescent(ill_t *); 126 static boolean_t ip_addr_ok_v4(ipaddr_t addr, ipaddr_t subnet_mask); 127 static ip_m_t *ip_m_lookup(t_uscalar_t mac_type); 128 static int ip_sioctl_addr_tail(ipif_t *ipif, sin_t *sin, queue_t *q, 129 mblk_t *mp, boolean_t need_up); 130 static int ip_sioctl_dstaddr_tail(ipif_t *ipif, sin_t *sin, queue_t *q, 131 mblk_t *mp, boolean_t need_up); 132 static int ip_sioctl_slifzone_tail(ipif_t *ipif, zoneid_t zoneid, 133 queue_t *q, mblk_t *mp, boolean_t need_up); 134 static int ip_sioctl_flags_tail(ipif_t *ipif, uint64_t flags, queue_t *q, 135 mblk_t *mp); 136 static int ip_sioctl_netmask_tail(ipif_t *ipif, sin_t *sin, queue_t *q, 137 mblk_t *mp); 138 static int ip_sioctl_subnet_tail(ipif_t *ipif, in6_addr_t, in6_addr_t, 139 queue_t *q, mblk_t *mp, boolean_t need_up); 140 static int ip_sioctl_plink_ipmod(ipsq_t *ipsq, queue_t *q, mblk_t *mp, 141 int ioccmd, struct linkblk *li); 142 static ipaddr_t ip_subnet_mask(ipaddr_t addr, ipif_t **, ip_stack_t *); 143 static void ip_wput_ioctl(queue_t *q, mblk_t *mp); 144 static void ipsq_flush(ill_t *ill); 145 146 static int ip_sioctl_token_tail(ipif_t *ipif, sin6_t *sin6, int addrlen, 147 queue_t *q, mblk_t *mp, boolean_t need_up); 148 static void ipsq_delete(ipsq_t *); 149 150 static ipif_t *ipif_allocate(ill_t *ill, int id, uint_t ire_type, 151 boolean_t initialize, boolean_t insert, int *errorp); 152 static ire_t **ipif_create_bcast_ires(ipif_t *ipif, ire_t **irep); 153 static void ipif_delete_bcast_ires(ipif_t *ipif); 154 static int ipif_add_ires_v4(ipif_t *, boolean_t); 155 static boolean_t ipif_comp_multi(ipif_t *old_ipif, ipif_t *new_ipif, 156 boolean_t isv6); 157 static int ipif_logical_down(ipif_t *ipif, queue_t *q, mblk_t *mp); 158 static void ipif_free(ipif_t *ipif); 159 static void ipif_free_tail(ipif_t *ipif); 160 static void ipif_set_default(ipif_t *ipif); 161 static int ipif_set_values(queue_t *q, mblk_t *mp, 162 char *interf_name, uint_t *ppa); 163 static int ipif_set_values_tail(ill_t *ill, ipif_t *ipif, mblk_t *mp, 164 queue_t *q); 165 static ipif_t *ipif_lookup_on_name(char *name, size_t namelen, 166 boolean_t do_alloc, boolean_t *exists, boolean_t isv6, zoneid_t zoneid, 167 ip_stack_t *); 168 static ipif_t *ipif_lookup_on_name_async(char *name, size_t namelen, 169 boolean_t isv6, zoneid_t zoneid, queue_t *q, mblk_t *mp, ipsq_func_t func, 170 int *error, ip_stack_t *); 171 172 static int ill_alloc_ppa(ill_if_t *, ill_t *); 173 static void ill_delete_interface_type(ill_if_t *); 174 static int ill_dl_up(ill_t *ill, ipif_t *ipif, mblk_t *mp, queue_t *q); 175 static void ill_dl_down(ill_t *ill); 176 static void ill_down(ill_t *ill); 177 static void ill_down_ipifs(ill_t *, boolean_t); 178 static void ill_free_mib(ill_t *ill); 179 static void ill_glist_delete(ill_t *); 180 static void ill_phyint_reinit(ill_t *ill); 181 static void ill_set_nce_router_flags(ill_t *, boolean_t); 182 static void ill_set_phys_addr_tail(ipsq_t *, queue_t *, mblk_t *, void *); 183 static void ill_replumb_tail(ipsq_t *, queue_t *, mblk_t *, void *); 184 185 static ip_v6intfid_func_t ip_ether_v6intfid, ip_ib_v6intfid; 186 static ip_v6intfid_func_t ip_ipv4_v6intfid, ip_ipv6_v6intfid; 187 static ip_v6intfid_func_t ip_ipmp_v6intfid, ip_nodef_v6intfid; 188 static ip_v6intfid_func_t ip_ipv4_v6destintfid, ip_ipv6_v6destintfid; 189 static ip_v4mapinfo_func_t ip_ether_v4_mapping; 190 static ip_v6mapinfo_func_t ip_ether_v6_mapping; 191 static ip_v4mapinfo_func_t ip_ib_v4_mapping; 192 static ip_v6mapinfo_func_t ip_ib_v6_mapping; 193 static ip_v4mapinfo_func_t ip_mbcast_mapping; 194 static void ip_cgtp_bcast_add(ire_t *, ip_stack_t *); 195 static void ip_cgtp_bcast_delete(ire_t *, ip_stack_t *); 196 static void phyint_free(phyint_t *); 197 198 static void ill_capability_dispatch(ill_t *, mblk_t *, dl_capability_sub_t *); 199 static void ill_capability_id_ack(ill_t *, mblk_t *, dl_capability_sub_t *); 200 static void ill_capability_vrrp_ack(ill_t *, mblk_t *, dl_capability_sub_t *); 201 static void ill_capability_hcksum_ack(ill_t *, mblk_t *, dl_capability_sub_t *); 202 static void ill_capability_hcksum_reset_fill(ill_t *, mblk_t *); 203 static void ill_capability_zerocopy_ack(ill_t *, mblk_t *, 204 dl_capability_sub_t *); 205 static void ill_capability_zerocopy_reset_fill(ill_t *, mblk_t *); 206 static void ill_capability_dld_reset_fill(ill_t *, mblk_t *); 207 static void ill_capability_dld_ack(ill_t *, mblk_t *, 208 dl_capability_sub_t *); 209 static void ill_capability_dld_enable(ill_t *); 210 static void ill_capability_ack_thr(void *); 211 static void ill_capability_lso_enable(ill_t *); 212 213 static ill_t *ill_prev_usesrc(ill_t *); 214 static int ill_relink_usesrc_ills(ill_t *, ill_t *, uint_t); 215 static void ill_disband_usesrc_group(ill_t *); 216 static void ip_sioctl_garp_reply(mblk_t *, ill_t *, void *, int); 217 218 #ifdef DEBUG 219 static void ill_trace_cleanup(const ill_t *); 220 static void ipif_trace_cleanup(const ipif_t *); 221 #endif 222 223 static void ill_dlpi_clear_deferred(ill_t *ill); 224 225 /* 226 * if we go over the memory footprint limit more than once in this msec 227 * interval, we'll start pruning aggressively. 228 */ 229 int ip_min_frag_prune_time = 0; 230 231 static ipft_t ip_ioctl_ftbl[] = { 232 { IP_IOC_IRE_DELETE, ip_ire_delete, sizeof (ipid_t), 0 }, 233 { IP_IOC_IRE_DELETE_NO_REPLY, ip_ire_delete, sizeof (ipid_t), 234 IPFT_F_NO_REPLY }, 235 { IP_IOC_RTS_REQUEST, ip_rts_request, 0, IPFT_F_SELF_REPLY }, 236 { 0 } 237 }; 238 239 /* Simple ICMP IP Header Template */ 240 static ipha_t icmp_ipha = { 241 IP_SIMPLE_HDR_VERSION, 0, 0, 0, 0, 0, IPPROTO_ICMP 242 }; 243 244 static uchar_t ip_six_byte_all_ones[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 245 246 static ip_m_t ip_m_tbl[] = { 247 { DL_ETHER, IFT_ETHER, ETHERTYPE_IP, ETHERTYPE_IPV6, 248 ip_ether_v4_mapping, ip_ether_v6_mapping, ip_ether_v6intfid, 249 ip_nodef_v6intfid }, 250 { DL_CSMACD, IFT_ISO88023, ETHERTYPE_IP, ETHERTYPE_IPV6, 251 ip_ether_v4_mapping, ip_ether_v6_mapping, ip_nodef_v6intfid, 252 ip_nodef_v6intfid }, 253 { DL_TPB, IFT_ISO88024, ETHERTYPE_IP, ETHERTYPE_IPV6, 254 ip_ether_v4_mapping, ip_ether_v6_mapping, ip_nodef_v6intfid, 255 ip_nodef_v6intfid }, 256 { DL_TPR, IFT_ISO88025, ETHERTYPE_IP, ETHERTYPE_IPV6, 257 ip_ether_v4_mapping, ip_ether_v6_mapping, ip_nodef_v6intfid, 258 ip_nodef_v6intfid }, 259 { DL_FDDI, IFT_FDDI, ETHERTYPE_IP, ETHERTYPE_IPV6, 260 ip_ether_v4_mapping, ip_ether_v6_mapping, ip_ether_v6intfid, 261 ip_nodef_v6intfid }, 262 { DL_IB, IFT_IB, ETHERTYPE_IP, ETHERTYPE_IPV6, 263 ip_ib_v4_mapping, ip_ib_v6_mapping, ip_ib_v6intfid, 264 ip_nodef_v6intfid }, 265 { DL_IPV4, IFT_IPV4, IPPROTO_ENCAP, IPPROTO_IPV6, 266 ip_mbcast_mapping, ip_mbcast_mapping, ip_ipv4_v6intfid, 267 ip_ipv4_v6destintfid }, 268 { DL_IPV6, IFT_IPV6, IPPROTO_ENCAP, IPPROTO_IPV6, 269 ip_mbcast_mapping, ip_mbcast_mapping, ip_ipv6_v6intfid, 270 ip_ipv6_v6destintfid }, 271 { DL_6TO4, IFT_6TO4, IPPROTO_ENCAP, IPPROTO_IPV6, 272 ip_mbcast_mapping, ip_mbcast_mapping, ip_ipv4_v6intfid, 273 ip_nodef_v6intfid }, 274 { SUNW_DL_VNI, IFT_OTHER, ETHERTYPE_IP, ETHERTYPE_IPV6, 275 NULL, NULL, ip_nodef_v6intfid, ip_nodef_v6intfid }, 276 { SUNW_DL_IPMP, IFT_OTHER, ETHERTYPE_IP, ETHERTYPE_IPV6, 277 NULL, NULL, ip_ipmp_v6intfid, ip_nodef_v6intfid }, 278 { DL_OTHER, IFT_OTHER, ETHERTYPE_IP, ETHERTYPE_IPV6, 279 ip_ether_v4_mapping, ip_ether_v6_mapping, ip_nodef_v6intfid, 280 ip_nodef_v6intfid } 281 }; 282 283 static ill_t ill_null; /* Empty ILL for init. */ 284 char ipif_loopback_name[] = "lo0"; 285 286 /* These are used by all IP network modules. */ 287 sin6_t sin6_null; /* Zero address for quick clears */ 288 sin_t sin_null; /* Zero address for quick clears */ 289 290 /* When set search for unused ipif_seqid */ 291 static ipif_t ipif_zero; 292 293 /* 294 * ppa arena is created after these many 295 * interfaces have been plumbed. 296 */ 297 uint_t ill_no_arena = 12; /* Setable in /etc/system */ 298 299 /* 300 * Allocate per-interface mibs. 301 * Returns true if ok. False otherwise. 302 * ipsq may not yet be allocated (loopback case ). 303 */ 304 static boolean_t 305 ill_allocate_mibs(ill_t *ill) 306 { 307 /* Already allocated? */ 308 if (ill->ill_ip_mib != NULL) { 309 if (ill->ill_isv6) 310 ASSERT(ill->ill_icmp6_mib != NULL); 311 return (B_TRUE); 312 } 313 314 ill->ill_ip_mib = kmem_zalloc(sizeof (*ill->ill_ip_mib), 315 KM_NOSLEEP); 316 if (ill->ill_ip_mib == NULL) { 317 return (B_FALSE); 318 } 319 320 /* Setup static information */ 321 SET_MIB(ill->ill_ip_mib->ipIfStatsEntrySize, 322 sizeof (mib2_ipIfStatsEntry_t)); 323 if (ill->ill_isv6) { 324 ill->ill_ip_mib->ipIfStatsIPVersion = MIB2_INETADDRESSTYPE_ipv6; 325 SET_MIB(ill->ill_ip_mib->ipIfStatsAddrEntrySize, 326 sizeof (mib2_ipv6AddrEntry_t)); 327 SET_MIB(ill->ill_ip_mib->ipIfStatsRouteEntrySize, 328 sizeof (mib2_ipv6RouteEntry_t)); 329 SET_MIB(ill->ill_ip_mib->ipIfStatsNetToMediaEntrySize, 330 sizeof (mib2_ipv6NetToMediaEntry_t)); 331 SET_MIB(ill->ill_ip_mib->ipIfStatsMemberEntrySize, 332 sizeof (ipv6_member_t)); 333 SET_MIB(ill->ill_ip_mib->ipIfStatsGroupSourceEntrySize, 334 sizeof (ipv6_grpsrc_t)); 335 } else { 336 ill->ill_ip_mib->ipIfStatsIPVersion = MIB2_INETADDRESSTYPE_ipv4; 337 SET_MIB(ill->ill_ip_mib->ipIfStatsAddrEntrySize, 338 sizeof (mib2_ipAddrEntry_t)); 339 SET_MIB(ill->ill_ip_mib->ipIfStatsRouteEntrySize, 340 sizeof (mib2_ipRouteEntry_t)); 341 SET_MIB(ill->ill_ip_mib->ipIfStatsNetToMediaEntrySize, 342 sizeof (mib2_ipNetToMediaEntry_t)); 343 SET_MIB(ill->ill_ip_mib->ipIfStatsMemberEntrySize, 344 sizeof (ip_member_t)); 345 SET_MIB(ill->ill_ip_mib->ipIfStatsGroupSourceEntrySize, 346 sizeof (ip_grpsrc_t)); 347 348 /* 349 * For a v4 ill, we are done at this point, because per ill 350 * icmp mibs are only used for v6. 351 */ 352 return (B_TRUE); 353 } 354 355 ill->ill_icmp6_mib = kmem_zalloc(sizeof (*ill->ill_icmp6_mib), 356 KM_NOSLEEP); 357 if (ill->ill_icmp6_mib == NULL) { 358 kmem_free(ill->ill_ip_mib, sizeof (*ill->ill_ip_mib)); 359 ill->ill_ip_mib = NULL; 360 return (B_FALSE); 361 } 362 /* static icmp info */ 363 ill->ill_icmp6_mib->ipv6IfIcmpEntrySize = 364 sizeof (mib2_ipv6IfIcmpEntry_t); 365 /* 366 * The ipIfStatsIfindex and ipv6IfIcmpIndex will be assigned later 367 * after the phyint merge occurs in ipif_set_values -> ill_glist_insert 368 * -> ill_phyint_reinit 369 */ 370 return (B_TRUE); 371 } 372 373 /* 374 * Completely vaporize a lower level tap and all associated interfaces. 375 * ill_delete is called only out of ip_close when the device control 376 * stream is being closed. 377 */ 378 void 379 ill_delete(ill_t *ill) 380 { 381 ipif_t *ipif; 382 ill_t *prev_ill; 383 ip_stack_t *ipst = ill->ill_ipst; 384 385 /* 386 * ill_delete may be forcibly entering the ipsq. The previous 387 * ioctl may not have completed and may need to be aborted. 388 * ipsq_flush takes care of it. If we don't need to enter the 389 * the ipsq forcibly, the 2nd invocation of ipsq_flush in 390 * ill_delete_tail is sufficient. 391 */ 392 ipsq_flush(ill); 393 394 /* 395 * Nuke all interfaces. ipif_free will take down the interface, 396 * remove it from the list, and free the data structure. 397 * Walk down the ipif list and remove the logical interfaces 398 * first before removing the main ipif. We can't unplumb 399 * zeroth interface first in the case of IPv6 as update_conn_ill 400 * -> ip_ll_multireq de-references ill_ipif for checking 401 * POINTOPOINT. 402 * 403 * If ill_ipif was not properly initialized (i.e low on memory), 404 * then no interfaces to clean up. In this case just clean up the 405 * ill. 406 */ 407 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) 408 ipif_free(ipif); 409 410 /* 411 * clean out all the nce_t entries that depend on this 412 * ill for the ill_phys_addr. 413 */ 414 nce_flush(ill, B_TRUE); 415 416 /* Clean up msgs on pending upcalls for mrouted */ 417 reset_mrt_ill(ill); 418 419 update_conn_ill(ill, ipst); 420 421 /* 422 * Remove multicast references added as a result of calls to 423 * ip_join_allmulti(). 424 */ 425 ip_purge_allmulti(ill); 426 427 /* 428 * If the ill being deleted is under IPMP, boot it out of the illgrp. 429 */ 430 if (IS_UNDER_IPMP(ill)) 431 ipmp_ill_leave_illgrp(ill); 432 433 /* 434 * ill_down will arrange to blow off any IRE's dependent on this 435 * ILL, and shut down fragmentation reassembly. 436 */ 437 ill_down(ill); 438 439 /* Let SCTP know, so that it can remove this from its list. */ 440 sctp_update_ill(ill, SCTP_ILL_REMOVE); 441 442 /* 443 * Walk all CONNs that can have a reference on an ire or nce for this 444 * ill (we actually walk all that now have stale references). 445 */ 446 ipcl_walk(conn_ixa_cleanup, (void *)B_TRUE, ipst); 447 448 /* With IPv6 we have dce_ifindex. Cleanup for neatness */ 449 if (ill->ill_isv6) 450 dce_cleanup(ill->ill_phyint->phyint_ifindex, ipst); 451 452 /* 453 * If an address on this ILL is being used as a source address then 454 * clear out the pointers in other ILLs that point to this ILL. 455 */ 456 rw_enter(&ipst->ips_ill_g_usesrc_lock, RW_WRITER); 457 if (ill->ill_usesrc_grp_next != NULL) { 458 if (ill->ill_usesrc_ifindex == 0) { /* usesrc ILL ? */ 459 ill_disband_usesrc_group(ill); 460 } else { /* consumer of the usesrc ILL */ 461 prev_ill = ill_prev_usesrc(ill); 462 prev_ill->ill_usesrc_grp_next = 463 ill->ill_usesrc_grp_next; 464 } 465 } 466 rw_exit(&ipst->ips_ill_g_usesrc_lock); 467 } 468 469 static void 470 ipif_non_duplicate(ipif_t *ipif) 471 { 472 ill_t *ill = ipif->ipif_ill; 473 mutex_enter(&ill->ill_lock); 474 if (ipif->ipif_flags & IPIF_DUPLICATE) { 475 ipif->ipif_flags &= ~IPIF_DUPLICATE; 476 ASSERT(ill->ill_ipif_dup_count > 0); 477 ill->ill_ipif_dup_count--; 478 } 479 mutex_exit(&ill->ill_lock); 480 } 481 482 /* 483 * ill_delete_tail is called from ip_modclose after all references 484 * to the closing ill are gone. The wait is done in ip_modclose 485 */ 486 void 487 ill_delete_tail(ill_t *ill) 488 { 489 mblk_t **mpp; 490 ipif_t *ipif; 491 ip_stack_t *ipst = ill->ill_ipst; 492 493 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 494 ipif_non_duplicate(ipif); 495 (void) ipif_down_tail(ipif); 496 } 497 498 ASSERT(ill->ill_ipif_dup_count == 0); 499 500 /* 501 * If polling capability is enabled (which signifies direct 502 * upcall into IP and driver has ill saved as a handle), 503 * we need to make sure that unbind has completed before we 504 * let the ill disappear and driver no longer has any reference 505 * to this ill. 506 */ 507 mutex_enter(&ill->ill_lock); 508 while (ill->ill_state_flags & ILL_DL_UNBIND_IN_PROGRESS) 509 cv_wait(&ill->ill_cv, &ill->ill_lock); 510 mutex_exit(&ill->ill_lock); 511 ASSERT(!(ill->ill_capabilities & 512 (ILL_CAPAB_DLD | ILL_CAPAB_DLD_POLL | ILL_CAPAB_DLD_DIRECT))); 513 514 if (ill->ill_net_type != IRE_LOOPBACK) 515 qprocsoff(ill->ill_rq); 516 517 /* 518 * We do an ipsq_flush once again now. New messages could have 519 * landed up from below (M_ERROR or M_HANGUP). Similarly ioctls 520 * could also have landed up if an ioctl thread had looked up 521 * the ill before we set the ILL_CONDEMNED flag, but not yet 522 * enqueued the ioctl when we did the ipsq_flush last time. 523 */ 524 ipsq_flush(ill); 525 526 /* 527 * Free capabilities. 528 */ 529 if (ill->ill_hcksum_capab != NULL) { 530 kmem_free(ill->ill_hcksum_capab, sizeof (ill_hcksum_capab_t)); 531 ill->ill_hcksum_capab = NULL; 532 } 533 534 if (ill->ill_zerocopy_capab != NULL) { 535 kmem_free(ill->ill_zerocopy_capab, 536 sizeof (ill_zerocopy_capab_t)); 537 ill->ill_zerocopy_capab = NULL; 538 } 539 540 if (ill->ill_lso_capab != NULL) { 541 kmem_free(ill->ill_lso_capab, sizeof (ill_lso_capab_t)); 542 ill->ill_lso_capab = NULL; 543 } 544 545 if (ill->ill_dld_capab != NULL) { 546 kmem_free(ill->ill_dld_capab, sizeof (ill_dld_capab_t)); 547 ill->ill_dld_capab = NULL; 548 } 549 550 /* Clean up ill_allowed_ips* related state */ 551 if (ill->ill_allowed_ips != NULL) { 552 ASSERT(ill->ill_allowed_ips_cnt > 0); 553 kmem_free(ill->ill_allowed_ips, 554 ill->ill_allowed_ips_cnt * sizeof (in6_addr_t)); 555 ill->ill_allowed_ips = NULL; 556 ill->ill_allowed_ips_cnt = 0; 557 } 558 559 while (ill->ill_ipif != NULL) 560 ipif_free_tail(ill->ill_ipif); 561 562 /* 563 * We have removed all references to ilm from conn and the ones joined 564 * within the kernel. 565 * 566 * We don't walk conns, mrts and ires because 567 * 568 * 1) update_conn_ill and reset_mrt_ill cleans up conns and mrts. 569 * 2) ill_down ->ill_downi walks all the ires and cleans up 570 * ill references. 571 */ 572 573 /* 574 * If this ill is an IPMP meta-interface, blow away the illgrp. This 575 * is safe to do because the illgrp has already been unlinked from the 576 * group by I_PUNLINK, and thus SIOCSLIFGROUPNAME cannot find it. 577 */ 578 if (IS_IPMP(ill)) { 579 ipmp_illgrp_destroy(ill->ill_grp); 580 ill->ill_grp = NULL; 581 } 582 583 /* 584 * Take us out of the list of ILLs. ill_glist_delete -> phyint_free 585 * could free the phyint. No more reference to the phyint after this 586 * point. 587 */ 588 (void) ill_glist_delete(ill); 589 590 if (ill->ill_frag_ptr != NULL) { 591 uint_t count; 592 593 for (count = 0; count < ILL_FRAG_HASH_TBL_COUNT; count++) { 594 mutex_destroy(&ill->ill_frag_hash_tbl[count].ipfb_lock); 595 } 596 mi_free(ill->ill_frag_ptr); 597 ill->ill_frag_ptr = NULL; 598 ill->ill_frag_hash_tbl = NULL; 599 } 600 601 freemsg(ill->ill_nd_lla_mp); 602 /* Free all retained control messages. */ 603 mpp = &ill->ill_first_mp_to_free; 604 do { 605 while (mpp[0]) { 606 mblk_t *mp; 607 mblk_t *mp1; 608 609 mp = mpp[0]; 610 mpp[0] = mp->b_next; 611 for (mp1 = mp; mp1 != NULL; mp1 = mp1->b_cont) { 612 mp1->b_next = NULL; 613 mp1->b_prev = NULL; 614 } 615 freemsg(mp); 616 } 617 } while (mpp++ != &ill->ill_last_mp_to_free); 618 619 ill_free_mib(ill); 620 621 #ifdef DEBUG 622 ill_trace_cleanup(ill); 623 #endif 624 625 /* The default multicast interface might have changed */ 626 ire_increment_multicast_generation(ipst, ill->ill_isv6); 627 628 /* Drop refcnt here */ 629 netstack_rele(ill->ill_ipst->ips_netstack); 630 ill->ill_ipst = NULL; 631 } 632 633 static void 634 ill_free_mib(ill_t *ill) 635 { 636 ip_stack_t *ipst = ill->ill_ipst; 637 638 /* 639 * MIB statistics must not be lost, so when an interface 640 * goes away the counter values will be added to the global 641 * MIBs. 642 */ 643 if (ill->ill_ip_mib != NULL) { 644 if (ill->ill_isv6) { 645 ip_mib2_add_ip_stats(&ipst->ips_ip6_mib, 646 ill->ill_ip_mib); 647 } else { 648 ip_mib2_add_ip_stats(&ipst->ips_ip_mib, 649 ill->ill_ip_mib); 650 } 651 652 kmem_free(ill->ill_ip_mib, sizeof (*ill->ill_ip_mib)); 653 ill->ill_ip_mib = NULL; 654 } 655 if (ill->ill_icmp6_mib != NULL) { 656 ip_mib2_add_icmp6_stats(&ipst->ips_icmp6_mib, 657 ill->ill_icmp6_mib); 658 kmem_free(ill->ill_icmp6_mib, sizeof (*ill->ill_icmp6_mib)); 659 ill->ill_icmp6_mib = NULL; 660 } 661 } 662 663 /* 664 * Concatenate together a physical address and a sap. 665 * 666 * Sap_lengths are interpreted as follows: 667 * sap_length == 0 ==> no sap 668 * sap_length > 0 ==> sap is at the head of the dlpi address 669 * sap_length < 0 ==> sap is at the tail of the dlpi address 670 */ 671 static void 672 ill_dlur_copy_address(uchar_t *phys_src, uint_t phys_length, 673 t_scalar_t sap_src, t_scalar_t sap_length, uchar_t *dst) 674 { 675 uint16_t sap_addr = (uint16_t)sap_src; 676 677 if (sap_length == 0) { 678 if (phys_src == NULL) 679 bzero(dst, phys_length); 680 else 681 bcopy(phys_src, dst, phys_length); 682 } else if (sap_length < 0) { 683 if (phys_src == NULL) 684 bzero(dst, phys_length); 685 else 686 bcopy(phys_src, dst, phys_length); 687 bcopy(&sap_addr, (char *)dst + phys_length, sizeof (sap_addr)); 688 } else { 689 bcopy(&sap_addr, dst, sizeof (sap_addr)); 690 if (phys_src == NULL) 691 bzero((char *)dst + sap_length, phys_length); 692 else 693 bcopy(phys_src, (char *)dst + sap_length, phys_length); 694 } 695 } 696 697 /* 698 * Generate a dl_unitdata_req mblk for the device and address given. 699 * addr_length is the length of the physical portion of the address. 700 * If addr is NULL include an all zero address of the specified length. 701 * TRUE? In any case, addr_length is taken to be the entire length of the 702 * dlpi address, including the absolute value of sap_length. 703 */ 704 mblk_t * 705 ill_dlur_gen(uchar_t *addr, uint_t addr_length, t_uscalar_t sap, 706 t_scalar_t sap_length) 707 { 708 dl_unitdata_req_t *dlur; 709 mblk_t *mp; 710 t_scalar_t abs_sap_length; /* absolute value */ 711 712 abs_sap_length = ABS(sap_length); 713 mp = ip_dlpi_alloc(sizeof (*dlur) + addr_length + abs_sap_length, 714 DL_UNITDATA_REQ); 715 if (mp == NULL) 716 return (NULL); 717 dlur = (dl_unitdata_req_t *)mp->b_rptr; 718 /* HACK: accomodate incompatible DLPI drivers */ 719 if (addr_length == 8) 720 addr_length = 6; 721 dlur->dl_dest_addr_length = addr_length + abs_sap_length; 722 dlur->dl_dest_addr_offset = sizeof (*dlur); 723 dlur->dl_priority.dl_min = 0; 724 dlur->dl_priority.dl_max = 0; 725 ill_dlur_copy_address(addr, addr_length, sap, sap_length, 726 (uchar_t *)&dlur[1]); 727 return (mp); 728 } 729 730 /* 731 * Add the pending mp to the list. There can be only 1 pending mp 732 * in the list. Any exclusive ioctl that needs to wait for a response 733 * from another module or driver needs to use this function to set 734 * the ipx_pending_mp to the ioctl mblk and wait for the response from 735 * the other module/driver. This is also used while waiting for the 736 * ipif/ill/ire refcnts to drop to zero in bringing down an ipif. 737 */ 738 boolean_t 739 ipsq_pending_mp_add(conn_t *connp, ipif_t *ipif, queue_t *q, mblk_t *add_mp, 740 int waitfor) 741 { 742 ipxop_t *ipx = ipif->ipif_ill->ill_phyint->phyint_ipsq->ipsq_xop; 743 744 ASSERT(IAM_WRITER_IPIF(ipif)); 745 ASSERT(MUTEX_HELD(&ipif->ipif_ill->ill_lock)); 746 ASSERT((add_mp->b_next == NULL) && (add_mp->b_prev == NULL)); 747 ASSERT(ipx->ipx_pending_mp == NULL); 748 /* 749 * The caller may be using a different ipif than the one passed into 750 * ipsq_current_start() (e.g., suppose an ioctl that came in on the V4 751 * ill needs to wait for the V6 ill to quiesce). So we can't ASSERT 752 * that `ipx_current_ipif == ipif'. 753 */ 754 ASSERT(ipx->ipx_current_ipif != NULL); 755 756 /* 757 * M_IOCDATA from ioctls, M_ERROR/M_HANGUP/M_PROTO/M_PCPROTO from the 758 * driver. 759 */ 760 ASSERT((DB_TYPE(add_mp) == M_IOCDATA) || (DB_TYPE(add_mp) == M_ERROR) || 761 (DB_TYPE(add_mp) == M_HANGUP) || (DB_TYPE(add_mp) == M_PROTO) || 762 (DB_TYPE(add_mp) == M_PCPROTO)); 763 764 if (connp != NULL) { 765 ASSERT(MUTEX_HELD(&connp->conn_lock)); 766 /* 767 * Return error if the conn has started closing. The conn 768 * could have finished cleaning up the pending mp list, 769 * If so we should not add another mp to the list negating 770 * the cleanup. 771 */ 772 if (connp->conn_state_flags & CONN_CLOSING) 773 return (B_FALSE); 774 } 775 mutex_enter(&ipx->ipx_lock); 776 ipx->ipx_pending_ipif = ipif; 777 /* 778 * Note down the queue in b_queue. This will be returned by 779 * ipsq_pending_mp_get. Caller will then use these values to restart 780 * the processing 781 */ 782 add_mp->b_next = NULL; 783 add_mp->b_queue = q; 784 ipx->ipx_pending_mp = add_mp; 785 ipx->ipx_waitfor = waitfor; 786 mutex_exit(&ipx->ipx_lock); 787 788 if (connp != NULL) 789 connp->conn_oper_pending_ill = ipif->ipif_ill; 790 791 return (B_TRUE); 792 } 793 794 /* 795 * Retrieve the ipx_pending_mp and return it. There can be only 1 mp 796 * queued in the list. 797 */ 798 mblk_t * 799 ipsq_pending_mp_get(ipsq_t *ipsq, conn_t **connpp) 800 { 801 mblk_t *curr = NULL; 802 ipxop_t *ipx = ipsq->ipsq_xop; 803 804 *connpp = NULL; 805 mutex_enter(&ipx->ipx_lock); 806 if (ipx->ipx_pending_mp == NULL) { 807 mutex_exit(&ipx->ipx_lock); 808 return (NULL); 809 } 810 811 /* There can be only 1 such excl message */ 812 curr = ipx->ipx_pending_mp; 813 ASSERT(curr->b_next == NULL); 814 ipx->ipx_pending_ipif = NULL; 815 ipx->ipx_pending_mp = NULL; 816 ipx->ipx_waitfor = 0; 817 mutex_exit(&ipx->ipx_lock); 818 819 if (CONN_Q(curr->b_queue)) { 820 /* 821 * This mp did a refhold on the conn, at the start of the ioctl. 822 * So we can safely return a pointer to the conn to the caller. 823 */ 824 *connpp = Q_TO_CONN(curr->b_queue); 825 } else { 826 *connpp = NULL; 827 } 828 curr->b_next = NULL; 829 curr->b_prev = NULL; 830 return (curr); 831 } 832 833 /* 834 * Cleanup the ioctl mp queued in ipx_pending_mp 835 * - Called in the ill_delete path 836 * - Called in the M_ERROR or M_HANGUP path on the ill. 837 * - Called in the conn close path. 838 * 839 * Returns success on finding the pending mblk associated with the ioctl or 840 * exclusive operation in progress, failure otherwise. 841 */ 842 boolean_t 843 ipsq_pending_mp_cleanup(ill_t *ill, conn_t *connp) 844 { 845 mblk_t *mp; 846 ipxop_t *ipx; 847 queue_t *q; 848 ipif_t *ipif; 849 int cmd; 850 851 ASSERT(IAM_WRITER_ILL(ill)); 852 ipx = ill->ill_phyint->phyint_ipsq->ipsq_xop; 853 854 mutex_enter(&ipx->ipx_lock); 855 mp = ipx->ipx_pending_mp; 856 if (connp != NULL) { 857 if (mp == NULL || mp->b_queue != CONNP_TO_WQ(connp)) { 858 /* 859 * Nothing to clean since the conn that is closing 860 * does not have a matching pending mblk in 861 * ipx_pending_mp. 862 */ 863 mutex_exit(&ipx->ipx_lock); 864 return (B_FALSE); 865 } 866 } else { 867 /* 868 * A non-zero ill_error signifies we are called in the 869 * M_ERROR or M_HANGUP path and we need to unconditionally 870 * abort any current ioctl and do the corresponding cleanup. 871 * A zero ill_error means we are in the ill_delete path and 872 * we do the cleanup only if there is a pending mp. 873 */ 874 if (mp == NULL && ill->ill_error == 0) { 875 mutex_exit(&ipx->ipx_lock); 876 return (B_FALSE); 877 } 878 } 879 880 /* Now remove from the ipx_pending_mp */ 881 ipx->ipx_pending_mp = NULL; 882 ipif = ipx->ipx_pending_ipif; 883 ipx->ipx_pending_ipif = NULL; 884 ipx->ipx_waitfor = 0; 885 ipx->ipx_current_ipif = NULL; 886 cmd = ipx->ipx_current_ioctl; 887 ipx->ipx_current_ioctl = 0; 888 ipx->ipx_current_done = B_TRUE; 889 mutex_exit(&ipx->ipx_lock); 890 891 if (mp == NULL) 892 return (B_FALSE); 893 894 q = mp->b_queue; 895 mp->b_next = NULL; 896 mp->b_prev = NULL; 897 mp->b_queue = NULL; 898 899 if (DB_TYPE(mp) == M_IOCTL || DB_TYPE(mp) == M_IOCDATA) { 900 DTRACE_PROBE4(ipif__ioctl, 901 char *, "ipsq_pending_mp_cleanup", 902 int, cmd, ill_t *, ipif == NULL ? NULL : ipif->ipif_ill, 903 ipif_t *, ipif); 904 if (connp == NULL) { 905 ip_ioctl_finish(q, mp, ENXIO, NO_COPYOUT, NULL); 906 } else { 907 ip_ioctl_finish(q, mp, ENXIO, CONN_CLOSE, NULL); 908 mutex_enter(&ipif->ipif_ill->ill_lock); 909 ipif->ipif_state_flags &= ~IPIF_CHANGING; 910 mutex_exit(&ipif->ipif_ill->ill_lock); 911 } 912 } else { 913 inet_freemsg(mp); 914 } 915 return (B_TRUE); 916 } 917 918 /* 919 * Called in the conn close path and ill delete path 920 */ 921 static void 922 ipsq_xopq_mp_cleanup(ill_t *ill, conn_t *connp) 923 { 924 ipsq_t *ipsq; 925 mblk_t *prev; 926 mblk_t *curr; 927 mblk_t *next; 928 queue_t *wq, *rq = NULL; 929 mblk_t *tmp_list = NULL; 930 931 ASSERT(IAM_WRITER_ILL(ill)); 932 if (connp != NULL) 933 wq = CONNP_TO_WQ(connp); 934 else 935 wq = ill->ill_wq; 936 937 /* 938 * In the case of lo0 being unplumbed, ill_wq will be NULL. Guard 939 * against this here. 940 */ 941 if (wq != NULL) 942 rq = RD(wq); 943 944 ipsq = ill->ill_phyint->phyint_ipsq; 945 /* 946 * Cleanup the ioctl mp's queued in ipsq_xopq_pending_mp if any. 947 * In the case of ioctl from a conn, there can be only 1 mp 948 * queued on the ipsq. If an ill is being unplumbed flush all 949 * the messages. 950 */ 951 mutex_enter(&ipsq->ipsq_lock); 952 for (prev = NULL, curr = ipsq->ipsq_xopq_mphead; curr != NULL; 953 curr = next) { 954 next = curr->b_next; 955 if (connp == NULL || 956 (curr->b_queue == wq || curr->b_queue == rq)) { 957 /* Unlink the mblk from the pending mp list */ 958 if (prev != NULL) { 959 prev->b_next = curr->b_next; 960 } else { 961 ASSERT(ipsq->ipsq_xopq_mphead == curr); 962 ipsq->ipsq_xopq_mphead = curr->b_next; 963 } 964 if (ipsq->ipsq_xopq_mptail == curr) 965 ipsq->ipsq_xopq_mptail = prev; 966 /* 967 * Create a temporary list and release the ipsq lock 968 * New elements are added to the head of the tmp_list 969 */ 970 curr->b_next = tmp_list; 971 tmp_list = curr; 972 } else { 973 prev = curr; 974 } 975 } 976 mutex_exit(&ipsq->ipsq_lock); 977 978 while (tmp_list != NULL) { 979 curr = tmp_list; 980 tmp_list = curr->b_next; 981 curr->b_next = NULL; 982 curr->b_prev = NULL; 983 wq = curr->b_queue; 984 curr->b_queue = NULL; 985 if (DB_TYPE(curr) == M_IOCTL || DB_TYPE(curr) == M_IOCDATA) { 986 DTRACE_PROBE4(ipif__ioctl, 987 char *, "ipsq_xopq_mp_cleanup", 988 int, 0, ill_t *, NULL, ipif_t *, NULL); 989 ip_ioctl_finish(wq, curr, ENXIO, connp != NULL ? 990 CONN_CLOSE : NO_COPYOUT, NULL); 991 } else { 992 /* 993 * IP-MT XXX In the case of TLI/XTI bind / optmgmt 994 * this can't be just inet_freemsg. we have to 995 * restart it otherwise the thread will be stuck. 996 */ 997 inet_freemsg(curr); 998 } 999 } 1000 } 1001 1002 /* 1003 * This conn has started closing. Cleanup any pending ioctl from this conn. 1004 * STREAMS ensures that there can be at most 1 active ioctl on a stream. 1005 */ 1006 void 1007 conn_ioctl_cleanup(conn_t *connp) 1008 { 1009 ipsq_t *ipsq; 1010 ill_t *ill; 1011 boolean_t refheld; 1012 1013 /* 1014 * Check for a queued ioctl. If the ioctl has not yet started, the mp 1015 * is pending in the list headed by ipsq_xopq_head. If the ioctl has 1016 * started the mp could be present in ipx_pending_mp. Note that if 1017 * conn_oper_pending_ill is NULL, the ioctl may still be in flight and 1018 * not yet queued anywhere. In this case, the conn close code will wait 1019 * until the conn_ref is dropped. If the stream was a tcp stream, then 1020 * tcp_close will wait first until all ioctls have completed for this 1021 * conn. 1022 */ 1023 mutex_enter(&connp->conn_lock); 1024 ill = connp->conn_oper_pending_ill; 1025 if (ill == NULL) { 1026 mutex_exit(&connp->conn_lock); 1027 return; 1028 } 1029 1030 /* 1031 * We may not be able to refhold the ill if the ill/ipif 1032 * is changing. But we need to make sure that the ill will 1033 * not vanish. So we just bump up the ill_waiter count. 1034 */ 1035 refheld = ill_waiter_inc(ill); 1036 mutex_exit(&connp->conn_lock); 1037 if (refheld) { 1038 if (ipsq_enter(ill, B_TRUE, NEW_OP)) { 1039 ill_waiter_dcr(ill); 1040 /* 1041 * Check whether this ioctl has started and is 1042 * pending. If it is not found there then check 1043 * whether this ioctl has not even started and is in 1044 * the ipsq_xopq list. 1045 */ 1046 if (!ipsq_pending_mp_cleanup(ill, connp)) 1047 ipsq_xopq_mp_cleanup(ill, connp); 1048 ipsq = ill->ill_phyint->phyint_ipsq; 1049 ipsq_exit(ipsq); 1050 return; 1051 } 1052 } 1053 1054 /* 1055 * The ill is also closing and we could not bump up the 1056 * ill_waiter_count or we could not enter the ipsq. Leave 1057 * the cleanup to ill_delete 1058 */ 1059 mutex_enter(&connp->conn_lock); 1060 while (connp->conn_oper_pending_ill != NULL) 1061 cv_wait(&connp->conn_refcv, &connp->conn_lock); 1062 mutex_exit(&connp->conn_lock); 1063 if (refheld) 1064 ill_waiter_dcr(ill); 1065 } 1066 1067 /* 1068 * ipcl_walk function for cleaning up conn_*_ill fields. 1069 * Note that we leave ixa_multicast_ifindex, conn_incoming_ifindex, and 1070 * conn_bound_if in place. We prefer dropping 1071 * packets instead of sending them out the wrong interface, or accepting 1072 * packets from the wrong ifindex. 1073 */ 1074 static void 1075 conn_cleanup_ill(conn_t *connp, caddr_t arg) 1076 { 1077 ill_t *ill = (ill_t *)arg; 1078 1079 mutex_enter(&connp->conn_lock); 1080 if (connp->conn_dhcpinit_ill == ill) { 1081 connp->conn_dhcpinit_ill = NULL; 1082 ASSERT(ill->ill_dhcpinit != 0); 1083 atomic_dec_32(&ill->ill_dhcpinit); 1084 ill_set_inputfn(ill); 1085 } 1086 mutex_exit(&connp->conn_lock); 1087 } 1088 1089 static int 1090 ill_down_ipifs_tail(ill_t *ill) 1091 { 1092 ipif_t *ipif; 1093 int err; 1094 1095 ASSERT(IAM_WRITER_ILL(ill)); 1096 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 1097 ipif_non_duplicate(ipif); 1098 /* 1099 * ipif_down_tail will call arp_ll_down on the last ipif 1100 * and typically return EINPROGRESS when the DL_UNBIND is sent. 1101 */ 1102 if ((err = ipif_down_tail(ipif)) != 0) 1103 return (err); 1104 } 1105 return (0); 1106 } 1107 1108 /* ARGSUSED */ 1109 void 1110 ipif_all_down_tail(ipsq_t *ipsq, queue_t *q, mblk_t *mp, void *dummy_arg) 1111 { 1112 ASSERT(IAM_WRITER_IPSQ(ipsq)); 1113 (void) ill_down_ipifs_tail(q->q_ptr); 1114 freemsg(mp); 1115 ipsq_current_finish(ipsq); 1116 } 1117 1118 /* 1119 * ill_down_start is called when we want to down this ill and bring it up again 1120 * It is called when we receive an M_ERROR / M_HANGUP. In this case we shut down 1121 * all interfaces, but don't tear down any plumbing. 1122 */ 1123 boolean_t 1124 ill_down_start(queue_t *q, mblk_t *mp) 1125 { 1126 ill_t *ill = q->q_ptr; 1127 ipif_t *ipif; 1128 1129 ASSERT(IAM_WRITER_ILL(ill)); 1130 /* 1131 * It is possible that some ioctl is already in progress while we 1132 * received the M_ERROR / M_HANGUP in which case, we need to abort 1133 * the ioctl. ill_down_start() is being processed as CUR_OP rather 1134 * than as NEW_OP since the cause of the M_ERROR / M_HANGUP may prevent 1135 * the in progress ioctl from ever completing. 1136 * 1137 * The thread that started the ioctl (if any) must have returned, 1138 * since we are now executing as writer. After the 2 calls below, 1139 * the state of the ipsq and the ill would reflect no trace of any 1140 * pending operation. Subsequently if there is any response to the 1141 * original ioctl from the driver, it would be discarded as an 1142 * unsolicited message from the driver. 1143 */ 1144 (void) ipsq_pending_mp_cleanup(ill, NULL); 1145 ill_dlpi_clear_deferred(ill); 1146 1147 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) 1148 (void) ipif_down(ipif, NULL, NULL); 1149 1150 ill_down(ill); 1151 1152 /* 1153 * Walk all CONNs that can have a reference on an ire or nce for this 1154 * ill (we actually walk all that now have stale references). 1155 */ 1156 ipcl_walk(conn_ixa_cleanup, (void *)B_TRUE, ill->ill_ipst); 1157 1158 /* With IPv6 we have dce_ifindex. Cleanup for neatness */ 1159 if (ill->ill_isv6) 1160 dce_cleanup(ill->ill_phyint->phyint_ifindex, ill->ill_ipst); 1161 1162 ipsq_current_start(ill->ill_phyint->phyint_ipsq, ill->ill_ipif, 0); 1163 1164 /* 1165 * Atomically test and add the pending mp if references are active. 1166 */ 1167 mutex_enter(&ill->ill_lock); 1168 if (!ill_is_quiescent(ill)) { 1169 /* call cannot fail since `conn_t *' argument is NULL */ 1170 (void) ipsq_pending_mp_add(NULL, ill->ill_ipif, ill->ill_rq, 1171 mp, ILL_DOWN); 1172 mutex_exit(&ill->ill_lock); 1173 return (B_FALSE); 1174 } 1175 mutex_exit(&ill->ill_lock); 1176 return (B_TRUE); 1177 } 1178 1179 static void 1180 ill_down(ill_t *ill) 1181 { 1182 mblk_t *mp; 1183 ip_stack_t *ipst = ill->ill_ipst; 1184 1185 /* 1186 * Blow off any IREs dependent on this ILL. 1187 * The caller needs to handle conn_ixa_cleanup 1188 */ 1189 ill_delete_ires(ill); 1190 1191 ire_walk_ill(0, 0, ill_downi, ill, ill); 1192 1193 /* Remove any conn_*_ill depending on this ill */ 1194 ipcl_walk(conn_cleanup_ill, (caddr_t)ill, ipst); 1195 1196 /* 1197 * Free state for additional IREs. 1198 */ 1199 mutex_enter(&ill->ill_saved_ire_lock); 1200 mp = ill->ill_saved_ire_mp; 1201 ill->ill_saved_ire_mp = NULL; 1202 ill->ill_saved_ire_cnt = 0; 1203 mutex_exit(&ill->ill_saved_ire_lock); 1204 freemsg(mp); 1205 } 1206 1207 /* 1208 * ire_walk routine used to delete every IRE that depends on 1209 * 'ill'. (Always called as writer, and may only be called from ire_walk.) 1210 * 1211 * Note: since the routes added by the kernel are deleted separately, 1212 * this will only be 1) IRE_IF_CLONE and 2) manually added IRE_INTERFACE. 1213 * 1214 * We also remove references on ire_nce_cache entries that refer to the ill. 1215 */ 1216 void 1217 ill_downi(ire_t *ire, char *ill_arg) 1218 { 1219 ill_t *ill = (ill_t *)ill_arg; 1220 nce_t *nce; 1221 1222 mutex_enter(&ire->ire_lock); 1223 nce = ire->ire_nce_cache; 1224 if (nce != NULL && nce->nce_ill == ill) 1225 ire->ire_nce_cache = NULL; 1226 else 1227 nce = NULL; 1228 mutex_exit(&ire->ire_lock); 1229 if (nce != NULL) 1230 nce_refrele(nce); 1231 if (ire->ire_ill == ill) { 1232 /* 1233 * The existing interface binding for ire must be 1234 * deleted before trying to bind the route to another 1235 * interface. However, since we are using the contents of the 1236 * ire after ire_delete, the caller has to ensure that 1237 * CONDEMNED (deleted) ire's are not removed from the list 1238 * when ire_delete() returns. Currently ill_downi() is 1239 * only called as part of ire_walk*() routines, so that 1240 * the irb_refhold() done by ire_walk*() will ensure that 1241 * ire_delete() does not lead to ire_inactive(). 1242 */ 1243 ASSERT(ire->ire_bucket->irb_refcnt > 0); 1244 ire_delete(ire); 1245 if (ire->ire_unbound) 1246 ire_rebind(ire); 1247 } 1248 } 1249 1250 /* Remove IRE_IF_CLONE on this ill */ 1251 void 1252 ill_downi_if_clone(ire_t *ire, char *ill_arg) 1253 { 1254 ill_t *ill = (ill_t *)ill_arg; 1255 1256 ASSERT(ire->ire_type & IRE_IF_CLONE); 1257 if (ire->ire_ill == ill) 1258 ire_delete(ire); 1259 } 1260 1261 /* Consume an M_IOCACK of the fastpath probe. */ 1262 void 1263 ill_fastpath_ack(ill_t *ill, mblk_t *mp) 1264 { 1265 mblk_t *mp1 = mp; 1266 1267 /* 1268 * If this was the first attempt turn on the fastpath probing. 1269 */ 1270 mutex_enter(&ill->ill_lock); 1271 if (ill->ill_dlpi_fastpath_state == IDS_INPROGRESS) 1272 ill->ill_dlpi_fastpath_state = IDS_OK; 1273 mutex_exit(&ill->ill_lock); 1274 1275 /* Free the M_IOCACK mblk, hold on to the data */ 1276 mp = mp->b_cont; 1277 freeb(mp1); 1278 if (mp == NULL) 1279 return; 1280 if (mp->b_cont != NULL) 1281 nce_fastpath_update(ill, mp); 1282 else 1283 ip0dbg(("ill_fastpath_ack: no b_cont\n")); 1284 freemsg(mp); 1285 } 1286 1287 /* 1288 * Throw an M_IOCTL message downstream asking "do you know fastpath?" 1289 * The data portion of the request is a dl_unitdata_req_t template for 1290 * what we would send downstream in the absence of a fastpath confirmation. 1291 */ 1292 int 1293 ill_fastpath_probe(ill_t *ill, mblk_t *dlur_mp) 1294 { 1295 struct iocblk *ioc; 1296 mblk_t *mp; 1297 1298 if (dlur_mp == NULL) 1299 return (EINVAL); 1300 1301 mutex_enter(&ill->ill_lock); 1302 switch (ill->ill_dlpi_fastpath_state) { 1303 case IDS_FAILED: 1304 /* 1305 * Driver NAKed the first fastpath ioctl - assume it doesn't 1306 * support it. 1307 */ 1308 mutex_exit(&ill->ill_lock); 1309 return (ENOTSUP); 1310 case IDS_UNKNOWN: 1311 /* This is the first probe */ 1312 ill->ill_dlpi_fastpath_state = IDS_INPROGRESS; 1313 break; 1314 default: 1315 break; 1316 } 1317 mutex_exit(&ill->ill_lock); 1318 1319 if ((mp = mkiocb(DL_IOC_HDR_INFO)) == NULL) 1320 return (EAGAIN); 1321 1322 mp->b_cont = copyb(dlur_mp); 1323 if (mp->b_cont == NULL) { 1324 freeb(mp); 1325 return (EAGAIN); 1326 } 1327 1328 ioc = (struct iocblk *)mp->b_rptr; 1329 ioc->ioc_count = msgdsize(mp->b_cont); 1330 1331 DTRACE_PROBE3(ill__dlpi, char *, "ill_fastpath_probe", 1332 char *, "DL_IOC_HDR_INFO", ill_t *, ill); 1333 putnext(ill->ill_wq, mp); 1334 return (0); 1335 } 1336 1337 void 1338 ill_capability_probe(ill_t *ill) 1339 { 1340 mblk_t *mp; 1341 1342 ASSERT(IAM_WRITER_ILL(ill)); 1343 1344 if (ill->ill_dlpi_capab_state != IDCS_UNKNOWN && 1345 ill->ill_dlpi_capab_state != IDCS_FAILED) 1346 return; 1347 1348 /* 1349 * We are starting a new cycle of capability negotiation. 1350 * Free up the capab reset messages of any previous incarnation. 1351 * We will do a fresh allocation when we get the response to our probe 1352 */ 1353 if (ill->ill_capab_reset_mp != NULL) { 1354 freemsg(ill->ill_capab_reset_mp); 1355 ill->ill_capab_reset_mp = NULL; 1356 } 1357 1358 ip1dbg(("ill_capability_probe: starting capability negotiation\n")); 1359 1360 mp = ip_dlpi_alloc(sizeof (dl_capability_req_t), DL_CAPABILITY_REQ); 1361 if (mp == NULL) 1362 return; 1363 1364 ill_capability_send(ill, mp); 1365 ill->ill_dlpi_capab_state = IDCS_PROBE_SENT; 1366 } 1367 1368 void 1369 ill_capability_reset(ill_t *ill, boolean_t reneg) 1370 { 1371 ASSERT(IAM_WRITER_ILL(ill)); 1372 1373 if (ill->ill_dlpi_capab_state != IDCS_OK) 1374 return; 1375 1376 ill->ill_dlpi_capab_state = reneg ? IDCS_RENEG : IDCS_RESET_SENT; 1377 1378 ill_capability_send(ill, ill->ill_capab_reset_mp); 1379 ill->ill_capab_reset_mp = NULL; 1380 /* 1381 * We turn off all capabilities except those pertaining to 1382 * direct function call capabilities viz. ILL_CAPAB_DLD* 1383 * which will be turned off by the corresponding reset functions. 1384 */ 1385 ill->ill_capabilities &= ~(ILL_CAPAB_HCKSUM | ILL_CAPAB_ZEROCOPY); 1386 } 1387 1388 static void 1389 ill_capability_reset_alloc(ill_t *ill) 1390 { 1391 mblk_t *mp; 1392 size_t size = 0; 1393 int err; 1394 dl_capability_req_t *capb; 1395 1396 ASSERT(IAM_WRITER_ILL(ill)); 1397 ASSERT(ill->ill_capab_reset_mp == NULL); 1398 1399 if (ILL_HCKSUM_CAPABLE(ill)) { 1400 size += sizeof (dl_capability_sub_t) + 1401 sizeof (dl_capab_hcksum_t); 1402 } 1403 1404 if (ill->ill_capabilities & ILL_CAPAB_ZEROCOPY) { 1405 size += sizeof (dl_capability_sub_t) + 1406 sizeof (dl_capab_zerocopy_t); 1407 } 1408 1409 if (ill->ill_capabilities & ILL_CAPAB_DLD) { 1410 size += sizeof (dl_capability_sub_t) + 1411 sizeof (dl_capab_dld_t); 1412 } 1413 1414 mp = allocb_wait(size + sizeof (dl_capability_req_t), BPRI_MED, 1415 STR_NOSIG, &err); 1416 1417 mp->b_datap->db_type = M_PROTO; 1418 bzero(mp->b_rptr, size + sizeof (dl_capability_req_t)); 1419 1420 capb = (dl_capability_req_t *)mp->b_rptr; 1421 capb->dl_primitive = DL_CAPABILITY_REQ; 1422 capb->dl_sub_offset = sizeof (dl_capability_req_t); 1423 capb->dl_sub_length = size; 1424 1425 mp->b_wptr += sizeof (dl_capability_req_t); 1426 1427 /* 1428 * Each handler fills in the corresponding dl_capability_sub_t 1429 * inside the mblk, 1430 */ 1431 ill_capability_hcksum_reset_fill(ill, mp); 1432 ill_capability_zerocopy_reset_fill(ill, mp); 1433 ill_capability_dld_reset_fill(ill, mp); 1434 1435 ill->ill_capab_reset_mp = mp; 1436 } 1437 1438 static void 1439 ill_capability_id_ack(ill_t *ill, mblk_t *mp, dl_capability_sub_t *outers) 1440 { 1441 dl_capab_id_t *id_ic; 1442 uint_t sub_dl_cap = outers->dl_cap; 1443 dl_capability_sub_t *inners; 1444 uint8_t *capend; 1445 1446 ASSERT(sub_dl_cap == DL_CAPAB_ID_WRAPPER); 1447 1448 /* 1449 * Note: range checks here are not absolutely sufficient to 1450 * make us robust against malformed messages sent by drivers; 1451 * this is in keeping with the rest of IP's dlpi handling. 1452 * (Remember, it's coming from something else in the kernel 1453 * address space) 1454 */ 1455 1456 capend = (uint8_t *)(outers + 1) + outers->dl_length; 1457 if (capend > mp->b_wptr) { 1458 cmn_err(CE_WARN, "ill_capability_id_ack: " 1459 "malformed sub-capability too long for mblk"); 1460 return; 1461 } 1462 1463 id_ic = (dl_capab_id_t *)(outers + 1); 1464 1465 if (outers->dl_length < sizeof (*id_ic) || 1466 (inners = &id_ic->id_subcap, 1467 inners->dl_length > (outers->dl_length - sizeof (*inners)))) { 1468 cmn_err(CE_WARN, "ill_capability_id_ack: malformed " 1469 "encapsulated capab type %d too long for mblk", 1470 inners->dl_cap); 1471 return; 1472 } 1473 1474 if (!dlcapabcheckqid(&id_ic->id_mid, ill->ill_lmod_rq)) { 1475 ip1dbg(("ill_capability_id_ack: mid token for capab type %d " 1476 "isn't as expected; pass-thru module(s) detected, " 1477 "discarding capability\n", inners->dl_cap)); 1478 return; 1479 } 1480 1481 /* Process the encapsulated sub-capability */ 1482 ill_capability_dispatch(ill, mp, inners); 1483 } 1484 1485 static void 1486 ill_capability_dld_reset_fill(ill_t *ill, mblk_t *mp) 1487 { 1488 dl_capability_sub_t *dl_subcap; 1489 1490 if (!(ill->ill_capabilities & ILL_CAPAB_DLD)) 1491 return; 1492 1493 /* 1494 * The dl_capab_dld_t that follows the dl_capability_sub_t is not 1495 * initialized below since it is not used by DLD. 1496 */ 1497 dl_subcap = (dl_capability_sub_t *)mp->b_wptr; 1498 dl_subcap->dl_cap = DL_CAPAB_DLD; 1499 dl_subcap->dl_length = sizeof (dl_capab_dld_t); 1500 1501 mp->b_wptr += sizeof (dl_capability_sub_t) + sizeof (dl_capab_dld_t); 1502 } 1503 1504 static void 1505 ill_capability_dispatch(ill_t *ill, mblk_t *mp, dl_capability_sub_t *subp) 1506 { 1507 /* 1508 * If no ipif was brought up over this ill, this DL_CAPABILITY_REQ/ACK 1509 * is only to get the VRRP capability. 1510 * 1511 * Note that we cannot check ill_ipif_up_count here since 1512 * ill_ipif_up_count is only incremented when the resolver is setup. 1513 * That is done asynchronously, and can race with this function. 1514 */ 1515 if (!ill->ill_dl_up) { 1516 if (subp->dl_cap == DL_CAPAB_VRRP) 1517 ill_capability_vrrp_ack(ill, mp, subp); 1518 return; 1519 } 1520 1521 switch (subp->dl_cap) { 1522 case DL_CAPAB_HCKSUM: 1523 ill_capability_hcksum_ack(ill, mp, subp); 1524 break; 1525 case DL_CAPAB_ZEROCOPY: 1526 ill_capability_zerocopy_ack(ill, mp, subp); 1527 break; 1528 case DL_CAPAB_DLD: 1529 ill_capability_dld_ack(ill, mp, subp); 1530 break; 1531 case DL_CAPAB_VRRP: 1532 break; 1533 default: 1534 ip1dbg(("ill_capability_dispatch: unknown capab type %d\n", 1535 subp->dl_cap)); 1536 } 1537 } 1538 1539 /* 1540 * Process the vrrp capability received from a DLS Provider. isub must point 1541 * to the sub-capability (DL_CAPAB_VRRP) of a DL_CAPABILITY_ACK message. 1542 */ 1543 static void 1544 ill_capability_vrrp_ack(ill_t *ill, mblk_t *mp, dl_capability_sub_t *isub) 1545 { 1546 dl_capab_vrrp_t *vrrp; 1547 uint_t sub_dl_cap = isub->dl_cap; 1548 uint8_t *capend; 1549 1550 ASSERT(IAM_WRITER_ILL(ill)); 1551 ASSERT(sub_dl_cap == DL_CAPAB_VRRP); 1552 1553 /* 1554 * Note: range checks here are not absolutely sufficient to 1555 * make us robust against malformed messages sent by drivers; 1556 * this is in keeping with the rest of IP's dlpi handling. 1557 * (Remember, it's coming from something else in the kernel 1558 * address space) 1559 */ 1560 capend = (uint8_t *)(isub + 1) + isub->dl_length; 1561 if (capend > mp->b_wptr) { 1562 cmn_err(CE_WARN, "ill_capability_vrrp_ack: " 1563 "malformed sub-capability too long for mblk"); 1564 return; 1565 } 1566 vrrp = (dl_capab_vrrp_t *)(isub + 1); 1567 1568 /* 1569 * Compare the IP address family and set ILLF_VRRP for the right ill. 1570 */ 1571 if ((vrrp->vrrp_af == AF_INET6 && ill->ill_isv6) || 1572 (vrrp->vrrp_af == AF_INET && !ill->ill_isv6)) { 1573 ill->ill_flags |= ILLF_VRRP; 1574 } 1575 } 1576 1577 /* 1578 * Process a hardware checksum offload capability negotiation ack received 1579 * from a DLS Provider.isub must point to the sub-capability (DL_CAPAB_HCKSUM) 1580 * of a DL_CAPABILITY_ACK message. 1581 */ 1582 static void 1583 ill_capability_hcksum_ack(ill_t *ill, mblk_t *mp, dl_capability_sub_t *isub) 1584 { 1585 dl_capability_req_t *ocap; 1586 dl_capab_hcksum_t *ihck, *ohck; 1587 ill_hcksum_capab_t **ill_hcksum; 1588 mblk_t *nmp = NULL; 1589 uint_t sub_dl_cap = isub->dl_cap; 1590 uint8_t *capend; 1591 1592 ASSERT(sub_dl_cap == DL_CAPAB_HCKSUM); 1593 1594 ill_hcksum = (ill_hcksum_capab_t **)&ill->ill_hcksum_capab; 1595 1596 /* 1597 * Note: range checks here are not absolutely sufficient to 1598 * make us robust against malformed messages sent by drivers; 1599 * this is in keeping with the rest of IP's dlpi handling. 1600 * (Remember, it's coming from something else in the kernel 1601 * address space) 1602 */ 1603 capend = (uint8_t *)(isub + 1) + isub->dl_length; 1604 if (capend > mp->b_wptr) { 1605 cmn_err(CE_WARN, "ill_capability_hcksum_ack: " 1606 "malformed sub-capability too long for mblk"); 1607 return; 1608 } 1609 1610 /* 1611 * There are two types of acks we process here: 1612 * 1. acks in reply to a (first form) generic capability req 1613 * (no ENABLE flag set) 1614 * 2. acks in reply to a ENABLE capability req. 1615 * (ENABLE flag set) 1616 */ 1617 ihck = (dl_capab_hcksum_t *)(isub + 1); 1618 1619 if (ihck->hcksum_version != HCKSUM_VERSION_1) { 1620 cmn_err(CE_CONT, "ill_capability_hcksum_ack: " 1621 "unsupported hardware checksum " 1622 "sub-capability (version %d, expected %d)", 1623 ihck->hcksum_version, HCKSUM_VERSION_1); 1624 return; 1625 } 1626 1627 if (!dlcapabcheckqid(&ihck->hcksum_mid, ill->ill_lmod_rq)) { 1628 ip1dbg(("ill_capability_hcksum_ack: mid token for hardware " 1629 "checksum capability isn't as expected; pass-thru " 1630 "module(s) detected, discarding capability\n")); 1631 return; 1632 } 1633 1634 #define CURR_HCKSUM_CAPAB \ 1635 (HCKSUM_INET_PARTIAL | HCKSUM_INET_FULL_V4 | \ 1636 HCKSUM_INET_FULL_V6 | HCKSUM_IPHDRCKSUM) 1637 1638 if ((ihck->hcksum_txflags & HCKSUM_ENABLE) && 1639 (ihck->hcksum_txflags & CURR_HCKSUM_CAPAB)) { 1640 /* do ENABLE processing */ 1641 if (*ill_hcksum == NULL) { 1642 *ill_hcksum = kmem_zalloc(sizeof (ill_hcksum_capab_t), 1643 KM_NOSLEEP); 1644 1645 if (*ill_hcksum == NULL) { 1646 cmn_err(CE_WARN, "ill_capability_hcksum_ack: " 1647 "could not enable hcksum version %d " 1648 "for %s (ENOMEM)\n", HCKSUM_CURRENT_VERSION, 1649 ill->ill_name); 1650 return; 1651 } 1652 } 1653 1654 (*ill_hcksum)->ill_hcksum_version = ihck->hcksum_version; 1655 (*ill_hcksum)->ill_hcksum_txflags = ihck->hcksum_txflags; 1656 ill->ill_capabilities |= ILL_CAPAB_HCKSUM; 1657 ip1dbg(("ill_capability_hcksum_ack: interface %s " 1658 "has enabled hardware checksumming\n ", 1659 ill->ill_name)); 1660 } else if (ihck->hcksum_txflags & CURR_HCKSUM_CAPAB) { 1661 /* 1662 * Enabling hardware checksum offload 1663 * Currently IP supports {TCP,UDP}/IPv4 1664 * partial and full cksum offload and 1665 * IPv4 header checksum offload. 1666 * Allocate new mblk which will 1667 * contain a new capability request 1668 * to enable hardware checksum offload. 1669 */ 1670 uint_t size; 1671 uchar_t *rptr; 1672 1673 size = sizeof (dl_capability_req_t) + 1674 sizeof (dl_capability_sub_t) + isub->dl_length; 1675 1676 if ((nmp = ip_dlpi_alloc(size, DL_CAPABILITY_REQ)) == NULL) { 1677 cmn_err(CE_WARN, "ill_capability_hcksum_ack: " 1678 "could not enable hardware cksum for %s (ENOMEM)\n", 1679 ill->ill_name); 1680 return; 1681 } 1682 1683 rptr = nmp->b_rptr; 1684 /* initialize dl_capability_req_t */ 1685 ocap = (dl_capability_req_t *)nmp->b_rptr; 1686 ocap->dl_sub_offset = 1687 sizeof (dl_capability_req_t); 1688 ocap->dl_sub_length = 1689 sizeof (dl_capability_sub_t) + 1690 isub->dl_length; 1691 nmp->b_rptr += sizeof (dl_capability_req_t); 1692 1693 /* initialize dl_capability_sub_t */ 1694 bcopy(isub, nmp->b_rptr, sizeof (*isub)); 1695 nmp->b_rptr += sizeof (*isub); 1696 1697 /* initialize dl_capab_hcksum_t */ 1698 ohck = (dl_capab_hcksum_t *)nmp->b_rptr; 1699 bcopy(ihck, ohck, sizeof (*ihck)); 1700 1701 nmp->b_rptr = rptr; 1702 ASSERT(nmp->b_wptr == (nmp->b_rptr + size)); 1703 1704 /* Set ENABLE flag */ 1705 ohck->hcksum_txflags &= CURR_HCKSUM_CAPAB; 1706 ohck->hcksum_txflags |= HCKSUM_ENABLE; 1707 1708 /* 1709 * nmp points to a DL_CAPABILITY_REQ message to enable 1710 * hardware checksum acceleration. 1711 */ 1712 ill_capability_send(ill, nmp); 1713 } else { 1714 ip1dbg(("ill_capability_hcksum_ack: interface %s has " 1715 "advertised %x hardware checksum capability flags\n", 1716 ill->ill_name, ihck->hcksum_txflags)); 1717 } 1718 } 1719 1720 static void 1721 ill_capability_hcksum_reset_fill(ill_t *ill, mblk_t *mp) 1722 { 1723 dl_capab_hcksum_t *hck_subcap; 1724 dl_capability_sub_t *dl_subcap; 1725 1726 if (!ILL_HCKSUM_CAPABLE(ill)) 1727 return; 1728 1729 ASSERT(ill->ill_hcksum_capab != NULL); 1730 1731 dl_subcap = (dl_capability_sub_t *)mp->b_wptr; 1732 dl_subcap->dl_cap = DL_CAPAB_HCKSUM; 1733 dl_subcap->dl_length = sizeof (*hck_subcap); 1734 1735 hck_subcap = (dl_capab_hcksum_t *)(dl_subcap + 1); 1736 hck_subcap->hcksum_version = ill->ill_hcksum_capab->ill_hcksum_version; 1737 hck_subcap->hcksum_txflags = 0; 1738 1739 mp->b_wptr += sizeof (*dl_subcap) + sizeof (*hck_subcap); 1740 } 1741 1742 static void 1743 ill_capability_zerocopy_ack(ill_t *ill, mblk_t *mp, dl_capability_sub_t *isub) 1744 { 1745 mblk_t *nmp = NULL; 1746 dl_capability_req_t *oc; 1747 dl_capab_zerocopy_t *zc_ic, *zc_oc; 1748 ill_zerocopy_capab_t **ill_zerocopy_capab; 1749 uint_t sub_dl_cap = isub->dl_cap; 1750 uint8_t *capend; 1751 1752 ASSERT(sub_dl_cap == DL_CAPAB_ZEROCOPY); 1753 1754 ill_zerocopy_capab = (ill_zerocopy_capab_t **)&ill->ill_zerocopy_capab; 1755 1756 /* 1757 * Note: range checks here are not absolutely sufficient to 1758 * make us robust against malformed messages sent by drivers; 1759 * this is in keeping with the rest of IP's dlpi handling. 1760 * (Remember, it's coming from something else in the kernel 1761 * address space) 1762 */ 1763 capend = (uint8_t *)(isub + 1) + isub->dl_length; 1764 if (capend > mp->b_wptr) { 1765 cmn_err(CE_WARN, "ill_capability_zerocopy_ack: " 1766 "malformed sub-capability too long for mblk"); 1767 return; 1768 } 1769 1770 zc_ic = (dl_capab_zerocopy_t *)(isub + 1); 1771 if (zc_ic->zerocopy_version != ZEROCOPY_VERSION_1) { 1772 cmn_err(CE_CONT, "ill_capability_zerocopy_ack: " 1773 "unsupported ZEROCOPY sub-capability (version %d, " 1774 "expected %d)", zc_ic->zerocopy_version, 1775 ZEROCOPY_VERSION_1); 1776 return; 1777 } 1778 1779 if (!dlcapabcheckqid(&zc_ic->zerocopy_mid, ill->ill_lmod_rq)) { 1780 ip1dbg(("ill_capability_zerocopy_ack: mid token for zerocopy " 1781 "capability isn't as expected; pass-thru module(s) " 1782 "detected, discarding capability\n")); 1783 return; 1784 } 1785 1786 if ((zc_ic->zerocopy_flags & DL_CAPAB_VMSAFE_MEM) != 0) { 1787 if (*ill_zerocopy_capab == NULL) { 1788 *ill_zerocopy_capab = 1789 kmem_zalloc(sizeof (ill_zerocopy_capab_t), 1790 KM_NOSLEEP); 1791 1792 if (*ill_zerocopy_capab == NULL) { 1793 cmn_err(CE_WARN, "ill_capability_zerocopy_ack: " 1794 "could not enable Zero-copy version %d " 1795 "for %s (ENOMEM)\n", ZEROCOPY_VERSION_1, 1796 ill->ill_name); 1797 return; 1798 } 1799 } 1800 1801 ip1dbg(("ill_capability_zerocopy_ack: interface %s " 1802 "supports Zero-copy version %d\n", ill->ill_name, 1803 ZEROCOPY_VERSION_1)); 1804 1805 (*ill_zerocopy_capab)->ill_zerocopy_version = 1806 zc_ic->zerocopy_version; 1807 (*ill_zerocopy_capab)->ill_zerocopy_flags = 1808 zc_ic->zerocopy_flags; 1809 1810 ill->ill_capabilities |= ILL_CAPAB_ZEROCOPY; 1811 } else { 1812 uint_t size; 1813 uchar_t *rptr; 1814 1815 size = sizeof (dl_capability_req_t) + 1816 sizeof (dl_capability_sub_t) + 1817 sizeof (dl_capab_zerocopy_t); 1818 1819 if ((nmp = ip_dlpi_alloc(size, DL_CAPABILITY_REQ)) == NULL) { 1820 cmn_err(CE_WARN, "ill_capability_zerocopy_ack: " 1821 "could not enable zerocopy for %s (ENOMEM)\n", 1822 ill->ill_name); 1823 return; 1824 } 1825 1826 rptr = nmp->b_rptr; 1827 /* initialize dl_capability_req_t */ 1828 oc = (dl_capability_req_t *)rptr; 1829 oc->dl_sub_offset = sizeof (dl_capability_req_t); 1830 oc->dl_sub_length = sizeof (dl_capability_sub_t) + 1831 sizeof (dl_capab_zerocopy_t); 1832 rptr += sizeof (dl_capability_req_t); 1833 1834 /* initialize dl_capability_sub_t */ 1835 bcopy(isub, rptr, sizeof (*isub)); 1836 rptr += sizeof (*isub); 1837 1838 /* initialize dl_capab_zerocopy_t */ 1839 zc_oc = (dl_capab_zerocopy_t *)rptr; 1840 *zc_oc = *zc_ic; 1841 1842 ip1dbg(("ill_capability_zerocopy_ack: asking interface %s " 1843 "to enable zero-copy version %d\n", ill->ill_name, 1844 ZEROCOPY_VERSION_1)); 1845 1846 /* set VMSAFE_MEM flag */ 1847 zc_oc->zerocopy_flags |= DL_CAPAB_VMSAFE_MEM; 1848 1849 /* nmp points to a DL_CAPABILITY_REQ message to enable zcopy */ 1850 ill_capability_send(ill, nmp); 1851 } 1852 } 1853 1854 static void 1855 ill_capability_zerocopy_reset_fill(ill_t *ill, mblk_t *mp) 1856 { 1857 dl_capab_zerocopy_t *zerocopy_subcap; 1858 dl_capability_sub_t *dl_subcap; 1859 1860 if (!(ill->ill_capabilities & ILL_CAPAB_ZEROCOPY)) 1861 return; 1862 1863 ASSERT(ill->ill_zerocopy_capab != NULL); 1864 1865 dl_subcap = (dl_capability_sub_t *)mp->b_wptr; 1866 dl_subcap->dl_cap = DL_CAPAB_ZEROCOPY; 1867 dl_subcap->dl_length = sizeof (*zerocopy_subcap); 1868 1869 zerocopy_subcap = (dl_capab_zerocopy_t *)(dl_subcap + 1); 1870 zerocopy_subcap->zerocopy_version = 1871 ill->ill_zerocopy_capab->ill_zerocopy_version; 1872 zerocopy_subcap->zerocopy_flags = 0; 1873 1874 mp->b_wptr += sizeof (*dl_subcap) + sizeof (*zerocopy_subcap); 1875 } 1876 1877 /* 1878 * DLD capability 1879 * Refer to dld.h for more information regarding the purpose and usage 1880 * of this capability. 1881 */ 1882 static void 1883 ill_capability_dld_ack(ill_t *ill, mblk_t *mp, dl_capability_sub_t *isub) 1884 { 1885 dl_capab_dld_t *dld_ic, dld; 1886 uint_t sub_dl_cap = isub->dl_cap; 1887 uint8_t *capend; 1888 ill_dld_capab_t *idc; 1889 1890 ASSERT(IAM_WRITER_ILL(ill)); 1891 ASSERT(sub_dl_cap == DL_CAPAB_DLD); 1892 1893 /* 1894 * Note: range checks here are not absolutely sufficient to 1895 * make us robust against malformed messages sent by drivers; 1896 * this is in keeping with the rest of IP's dlpi handling. 1897 * (Remember, it's coming from something else in the kernel 1898 * address space) 1899 */ 1900 capend = (uint8_t *)(isub + 1) + isub->dl_length; 1901 if (capend > mp->b_wptr) { 1902 cmn_err(CE_WARN, "ill_capability_dld_ack: " 1903 "malformed sub-capability too long for mblk"); 1904 return; 1905 } 1906 dld_ic = (dl_capab_dld_t *)(isub + 1); 1907 if (dld_ic->dld_version != DLD_CURRENT_VERSION) { 1908 cmn_err(CE_CONT, "ill_capability_dld_ack: " 1909 "unsupported DLD sub-capability (version %d, " 1910 "expected %d)", dld_ic->dld_version, 1911 DLD_CURRENT_VERSION); 1912 return; 1913 } 1914 if (!dlcapabcheckqid(&dld_ic->dld_mid, ill->ill_lmod_rq)) { 1915 ip1dbg(("ill_capability_dld_ack: mid token for dld " 1916 "capability isn't as expected; pass-thru module(s) " 1917 "detected, discarding capability\n")); 1918 return; 1919 } 1920 1921 /* 1922 * Copy locally to ensure alignment. 1923 */ 1924 bcopy(dld_ic, &dld, sizeof (dl_capab_dld_t)); 1925 1926 if ((idc = ill->ill_dld_capab) == NULL) { 1927 idc = kmem_zalloc(sizeof (ill_dld_capab_t), KM_NOSLEEP); 1928 if (idc == NULL) { 1929 cmn_err(CE_WARN, "ill_capability_dld_ack: " 1930 "could not enable DLD version %d " 1931 "for %s (ENOMEM)\n", DLD_CURRENT_VERSION, 1932 ill->ill_name); 1933 return; 1934 } 1935 ill->ill_dld_capab = idc; 1936 } 1937 idc->idc_capab_df = (ip_capab_func_t)dld.dld_capab; 1938 idc->idc_capab_dh = (void *)dld.dld_capab_handle; 1939 ip1dbg(("ill_capability_dld_ack: interface %s " 1940 "supports DLD version %d\n", ill->ill_name, DLD_CURRENT_VERSION)); 1941 1942 ill_capability_dld_enable(ill); 1943 } 1944 1945 /* 1946 * Typically capability negotiation between IP and the driver happens via 1947 * DLPI message exchange. However GLD also offers a direct function call 1948 * mechanism to exchange the DLD_DIRECT_CAPAB and DLD_POLL_CAPAB capabilities, 1949 * But arbitrary function calls into IP or GLD are not permitted, since both 1950 * of them are protected by their own perimeter mechanism. The perimeter can 1951 * be viewed as a coarse lock or serialization mechanism. The hierarchy of 1952 * these perimeters is IP -> MAC. Thus for example to enable the squeue 1953 * polling, IP needs to enter its perimeter, then call ill_mac_perim_enter 1954 * to enter the mac perimeter and then do the direct function calls into 1955 * GLD to enable squeue polling. The ring related callbacks from the mac into 1956 * the stack to add, bind, quiesce, restart or cleanup a ring are all 1957 * protected by the mac perimeter. 1958 */ 1959 static void 1960 ill_mac_perim_enter(ill_t *ill, mac_perim_handle_t *mphp) 1961 { 1962 ill_dld_capab_t *idc = ill->ill_dld_capab; 1963 int err; 1964 1965 err = idc->idc_capab_df(idc->idc_capab_dh, DLD_CAPAB_PERIM, mphp, 1966 DLD_ENABLE); 1967 ASSERT(err == 0); 1968 } 1969 1970 static void 1971 ill_mac_perim_exit(ill_t *ill, mac_perim_handle_t mph) 1972 { 1973 ill_dld_capab_t *idc = ill->ill_dld_capab; 1974 int err; 1975 1976 err = idc->idc_capab_df(idc->idc_capab_dh, DLD_CAPAB_PERIM, mph, 1977 DLD_DISABLE); 1978 ASSERT(err == 0); 1979 } 1980 1981 boolean_t 1982 ill_mac_perim_held(ill_t *ill) 1983 { 1984 ill_dld_capab_t *idc = ill->ill_dld_capab; 1985 1986 return (idc->idc_capab_df(idc->idc_capab_dh, DLD_CAPAB_PERIM, NULL, 1987 DLD_QUERY)); 1988 } 1989 1990 static void 1991 ill_capability_direct_enable(ill_t *ill) 1992 { 1993 ill_dld_capab_t *idc = ill->ill_dld_capab; 1994 ill_dld_direct_t *idd = &idc->idc_direct; 1995 dld_capab_direct_t direct; 1996 int rc; 1997 1998 ASSERT(!ill->ill_isv6 && IAM_WRITER_ILL(ill)); 1999 2000 bzero(&direct, sizeof (direct)); 2001 direct.di_rx_cf = (uintptr_t)ip_input; 2002 direct.di_rx_ch = ill; 2003 2004 rc = idc->idc_capab_df(idc->idc_capab_dh, DLD_CAPAB_DIRECT, &direct, 2005 DLD_ENABLE); 2006 if (rc == 0) { 2007 idd->idd_tx_df = (ip_dld_tx_t)direct.di_tx_df; 2008 idd->idd_tx_dh = direct.di_tx_dh; 2009 idd->idd_tx_cb_df = (ip_dld_callb_t)direct.di_tx_cb_df; 2010 idd->idd_tx_cb_dh = direct.di_tx_cb_dh; 2011 idd->idd_tx_fctl_df = (ip_dld_fctl_t)direct.di_tx_fctl_df; 2012 idd->idd_tx_fctl_dh = direct.di_tx_fctl_dh; 2013 ASSERT(idd->idd_tx_cb_df != NULL); 2014 ASSERT(idd->idd_tx_fctl_df != NULL); 2015 ASSERT(idd->idd_tx_df != NULL); 2016 /* 2017 * One time registration of flow enable callback function 2018 */ 2019 ill->ill_flownotify_mh = idd->idd_tx_cb_df(idd->idd_tx_cb_dh, 2020 ill_flow_enable, ill); 2021 ill->ill_capabilities |= ILL_CAPAB_DLD_DIRECT; 2022 DTRACE_PROBE1(direct_on, (ill_t *), ill); 2023 } else { 2024 cmn_err(CE_WARN, "warning: could not enable DIRECT " 2025 "capability, rc = %d\n", rc); 2026 DTRACE_PROBE2(direct_off, (ill_t *), ill, (int), rc); 2027 } 2028 } 2029 2030 static void 2031 ill_capability_poll_enable(ill_t *ill) 2032 { 2033 ill_dld_capab_t *idc = ill->ill_dld_capab; 2034 dld_capab_poll_t poll; 2035 int rc; 2036 2037 ASSERT(!ill->ill_isv6 && IAM_WRITER_ILL(ill)); 2038 2039 bzero(&poll, sizeof (poll)); 2040 poll.poll_ring_add_cf = (uintptr_t)ip_squeue_add_ring; 2041 poll.poll_ring_remove_cf = (uintptr_t)ip_squeue_clean_ring; 2042 poll.poll_ring_quiesce_cf = (uintptr_t)ip_squeue_quiesce_ring; 2043 poll.poll_ring_restart_cf = (uintptr_t)ip_squeue_restart_ring; 2044 poll.poll_ring_bind_cf = (uintptr_t)ip_squeue_bind_ring; 2045 poll.poll_ring_ch = ill; 2046 rc = idc->idc_capab_df(idc->idc_capab_dh, DLD_CAPAB_POLL, &poll, 2047 DLD_ENABLE); 2048 if (rc == 0) { 2049 ill->ill_capabilities |= ILL_CAPAB_DLD_POLL; 2050 DTRACE_PROBE1(poll_on, (ill_t *), ill); 2051 } else { 2052 ip1dbg(("warning: could not enable POLL " 2053 "capability, rc = %d\n", rc)); 2054 DTRACE_PROBE2(poll_off, (ill_t *), ill, (int), rc); 2055 } 2056 } 2057 2058 /* 2059 * Enable the LSO capability. 2060 */ 2061 static void 2062 ill_capability_lso_enable(ill_t *ill) 2063 { 2064 ill_dld_capab_t *idc = ill->ill_dld_capab; 2065 dld_capab_lso_t lso; 2066 int rc; 2067 2068 ASSERT(!ill->ill_isv6 && IAM_WRITER_ILL(ill)); 2069 2070 if (ill->ill_lso_capab == NULL) { 2071 ill->ill_lso_capab = kmem_zalloc(sizeof (ill_lso_capab_t), 2072 KM_NOSLEEP); 2073 if (ill->ill_lso_capab == NULL) { 2074 cmn_err(CE_WARN, "ill_capability_lso_enable: " 2075 "could not enable LSO for %s (ENOMEM)\n", 2076 ill->ill_name); 2077 return; 2078 } 2079 } 2080 2081 bzero(&lso, sizeof (lso)); 2082 if ((rc = idc->idc_capab_df(idc->idc_capab_dh, DLD_CAPAB_LSO, &lso, 2083 DLD_ENABLE)) == 0) { 2084 ill->ill_lso_capab->ill_lso_flags = lso.lso_flags; 2085 ill->ill_lso_capab->ill_lso_max = lso.lso_max; 2086 ill->ill_capabilities |= ILL_CAPAB_LSO; 2087 ip1dbg(("ill_capability_lso_enable: interface %s " 2088 "has enabled LSO\n ", ill->ill_name)); 2089 } else { 2090 kmem_free(ill->ill_lso_capab, sizeof (ill_lso_capab_t)); 2091 ill->ill_lso_capab = NULL; 2092 DTRACE_PROBE2(lso_off, (ill_t *), ill, (int), rc); 2093 } 2094 } 2095 2096 static void 2097 ill_capability_dld_enable(ill_t *ill) 2098 { 2099 mac_perim_handle_t mph; 2100 2101 ASSERT(IAM_WRITER_ILL(ill)); 2102 2103 if (ill->ill_isv6) 2104 return; 2105 2106 ill_mac_perim_enter(ill, &mph); 2107 if (!ill->ill_isv6) { 2108 ill_capability_direct_enable(ill); 2109 ill_capability_poll_enable(ill); 2110 ill_capability_lso_enable(ill); 2111 } 2112 ill->ill_capabilities |= ILL_CAPAB_DLD; 2113 ill_mac_perim_exit(ill, mph); 2114 } 2115 2116 static void 2117 ill_capability_dld_disable(ill_t *ill) 2118 { 2119 ill_dld_capab_t *idc; 2120 ill_dld_direct_t *idd; 2121 mac_perim_handle_t mph; 2122 2123 ASSERT(IAM_WRITER_ILL(ill)); 2124 2125 if (!(ill->ill_capabilities & ILL_CAPAB_DLD)) 2126 return; 2127 2128 ill_mac_perim_enter(ill, &mph); 2129 2130 idc = ill->ill_dld_capab; 2131 if ((ill->ill_capabilities & ILL_CAPAB_DLD_DIRECT) != 0) { 2132 /* 2133 * For performance we avoid locks in the transmit data path 2134 * and don't maintain a count of the number of threads using 2135 * direct calls. Thus some threads could be using direct 2136 * transmit calls to GLD, even after the capability mechanism 2137 * turns it off. This is still safe since the handles used in 2138 * the direct calls continue to be valid until the unplumb is 2139 * completed. Remove the callback that was added (1-time) at 2140 * capab enable time. 2141 */ 2142 mutex_enter(&ill->ill_lock); 2143 ill->ill_capabilities &= ~ILL_CAPAB_DLD_DIRECT; 2144 mutex_exit(&ill->ill_lock); 2145 if (ill->ill_flownotify_mh != NULL) { 2146 idd = &idc->idc_direct; 2147 idd->idd_tx_cb_df(idd->idd_tx_cb_dh, NULL, 2148 ill->ill_flownotify_mh); 2149 ill->ill_flownotify_mh = NULL; 2150 } 2151 (void) idc->idc_capab_df(idc->idc_capab_dh, DLD_CAPAB_DIRECT, 2152 NULL, DLD_DISABLE); 2153 } 2154 2155 if ((ill->ill_capabilities & ILL_CAPAB_DLD_POLL) != 0) { 2156 ill->ill_capabilities &= ~ILL_CAPAB_DLD_POLL; 2157 ip_squeue_clean_all(ill); 2158 (void) idc->idc_capab_df(idc->idc_capab_dh, DLD_CAPAB_POLL, 2159 NULL, DLD_DISABLE); 2160 } 2161 2162 if ((ill->ill_capabilities & ILL_CAPAB_LSO) != 0) { 2163 ASSERT(ill->ill_lso_capab != NULL); 2164 /* 2165 * Clear the capability flag for LSO but retain the 2166 * ill_lso_capab structure since it's possible that another 2167 * thread is still referring to it. The structure only gets 2168 * deallocated when we destroy the ill. 2169 */ 2170 2171 ill->ill_capabilities &= ~ILL_CAPAB_LSO; 2172 (void) idc->idc_capab_df(idc->idc_capab_dh, DLD_CAPAB_LSO, 2173 NULL, DLD_DISABLE); 2174 } 2175 2176 ill->ill_capabilities &= ~ILL_CAPAB_DLD; 2177 ill_mac_perim_exit(ill, mph); 2178 } 2179 2180 /* 2181 * Capability Negotiation protocol 2182 * 2183 * We don't wait for DLPI capability operations to finish during interface 2184 * bringup or teardown. Doing so would introduce more asynchrony and the 2185 * interface up/down operations will need multiple return and restarts. 2186 * Instead the 'ipsq_current_ipif' of the ipsq is not cleared as long as 2187 * the 'ill_dlpi_deferred' chain is non-empty. This ensures that the next 2188 * exclusive operation won't start until the DLPI operations of the previous 2189 * exclusive operation complete. 2190 * 2191 * The capability state machine is shown below. 2192 * 2193 * state next state event, action 2194 * 2195 * IDCS_UNKNOWN IDCS_PROBE_SENT ill_capability_probe 2196 * IDCS_PROBE_SENT IDCS_OK ill_capability_ack 2197 * IDCS_PROBE_SENT IDCS_FAILED ip_rput_dlpi_writer (nack) 2198 * IDCS_OK IDCS_RENEG Receipt of DL_NOTE_CAPAB_RENEG 2199 * IDCS_OK IDCS_RESET_SENT ill_capability_reset 2200 * IDCS_RESET_SENT IDCS_UNKNOWN ill_capability_ack_thr 2201 * IDCS_RENEG IDCS_PROBE_SENT ill_capability_ack_thr -> 2202 * ill_capability_probe. 2203 */ 2204 2205 /* 2206 * Dedicated thread started from ip_stack_init that handles capability 2207 * disable. This thread ensures the taskq dispatch does not fail by waiting 2208 * for resources using TQ_SLEEP. The taskq mechanism is used to ensure 2209 * that direct calls to DLD are done in a cv_waitable context. 2210 */ 2211 void 2212 ill_taskq_dispatch(ip_stack_t *ipst) 2213 { 2214 callb_cpr_t cprinfo; 2215 char name[64]; 2216 mblk_t *mp; 2217 2218 (void) snprintf(name, sizeof (name), "ill_taskq_dispatch_%d", 2219 ipst->ips_netstack->netstack_stackid); 2220 CALLB_CPR_INIT(&cprinfo, &ipst->ips_capab_taskq_lock, callb_generic_cpr, 2221 name); 2222 mutex_enter(&ipst->ips_capab_taskq_lock); 2223 2224 for (;;) { 2225 mp = ipst->ips_capab_taskq_head; 2226 while (mp != NULL) { 2227 ipst->ips_capab_taskq_head = mp->b_next; 2228 if (ipst->ips_capab_taskq_head == NULL) 2229 ipst->ips_capab_taskq_tail = NULL; 2230 mutex_exit(&ipst->ips_capab_taskq_lock); 2231 mp->b_next = NULL; 2232 2233 VERIFY(taskq_dispatch(system_taskq, 2234 ill_capability_ack_thr, mp, TQ_SLEEP) != 0); 2235 mutex_enter(&ipst->ips_capab_taskq_lock); 2236 mp = ipst->ips_capab_taskq_head; 2237 } 2238 2239 if (ipst->ips_capab_taskq_quit) 2240 break; 2241 CALLB_CPR_SAFE_BEGIN(&cprinfo); 2242 cv_wait(&ipst->ips_capab_taskq_cv, &ipst->ips_capab_taskq_lock); 2243 CALLB_CPR_SAFE_END(&cprinfo, &ipst->ips_capab_taskq_lock); 2244 } 2245 VERIFY(ipst->ips_capab_taskq_head == NULL); 2246 VERIFY(ipst->ips_capab_taskq_tail == NULL); 2247 CALLB_CPR_EXIT(&cprinfo); 2248 thread_exit(); 2249 } 2250 2251 /* 2252 * Consume a new-style hardware capabilities negotiation ack. 2253 * Called via taskq on receipt of DL_CAPABILITY_ACK. 2254 */ 2255 static void 2256 ill_capability_ack_thr(void *arg) 2257 { 2258 mblk_t *mp = arg; 2259 dl_capability_ack_t *capp; 2260 dl_capability_sub_t *subp, *endp; 2261 ill_t *ill; 2262 boolean_t reneg; 2263 2264 ill = (ill_t *)mp->b_prev; 2265 mp->b_prev = NULL; 2266 2267 VERIFY(ipsq_enter(ill, B_FALSE, CUR_OP) == B_TRUE); 2268 2269 if (ill->ill_dlpi_capab_state == IDCS_RESET_SENT || 2270 ill->ill_dlpi_capab_state == IDCS_RENEG) { 2271 /* 2272 * We have received the ack for our DL_CAPAB reset request. 2273 * There isnt' anything in the message that needs processing. 2274 * All message based capabilities have been disabled, now 2275 * do the function call based capability disable. 2276 */ 2277 reneg = ill->ill_dlpi_capab_state == IDCS_RENEG; 2278 ill_capability_dld_disable(ill); 2279 ill->ill_dlpi_capab_state = IDCS_UNKNOWN; 2280 if (reneg) 2281 ill_capability_probe(ill); 2282 goto done; 2283 } 2284 2285 if (ill->ill_dlpi_capab_state == IDCS_PROBE_SENT) 2286 ill->ill_dlpi_capab_state = IDCS_OK; 2287 2288 capp = (dl_capability_ack_t *)mp->b_rptr; 2289 2290 if (capp->dl_sub_length == 0) { 2291 /* no new-style capabilities */ 2292 goto done; 2293 } 2294 2295 /* make sure the driver supplied correct dl_sub_length */ 2296 if ((sizeof (*capp) + capp->dl_sub_length) > MBLKL(mp)) { 2297 ip0dbg(("ill_capability_ack: bad DL_CAPABILITY_ACK, " 2298 "invalid dl_sub_length (%d)\n", capp->dl_sub_length)); 2299 goto done; 2300 } 2301 2302 #define SC(base, offset) (dl_capability_sub_t *)(((uchar_t *)(base))+(offset)) 2303 /* 2304 * There are sub-capabilities. Process the ones we know about. 2305 * Loop until we don't have room for another sub-cap header.. 2306 */ 2307 for (subp = SC(capp, capp->dl_sub_offset), 2308 endp = SC(subp, capp->dl_sub_length - sizeof (*subp)); 2309 subp <= endp; 2310 subp = SC(subp, sizeof (dl_capability_sub_t) + subp->dl_length)) { 2311 2312 switch (subp->dl_cap) { 2313 case DL_CAPAB_ID_WRAPPER: 2314 ill_capability_id_ack(ill, mp, subp); 2315 break; 2316 default: 2317 ill_capability_dispatch(ill, mp, subp); 2318 break; 2319 } 2320 } 2321 #undef SC 2322 done: 2323 inet_freemsg(mp); 2324 ill_capability_done(ill); 2325 ipsq_exit(ill->ill_phyint->phyint_ipsq); 2326 } 2327 2328 /* 2329 * This needs to be started in a taskq thread to provide a cv_waitable 2330 * context. 2331 */ 2332 void 2333 ill_capability_ack(ill_t *ill, mblk_t *mp) 2334 { 2335 ip_stack_t *ipst = ill->ill_ipst; 2336 2337 mp->b_prev = (mblk_t *)ill; 2338 ASSERT(mp->b_next == NULL); 2339 2340 if (taskq_dispatch(system_taskq, ill_capability_ack_thr, mp, 2341 TQ_NOSLEEP) != 0) 2342 return; 2343 2344 /* 2345 * The taskq dispatch failed. Signal the ill_taskq_dispatch thread 2346 * which will do the dispatch using TQ_SLEEP to guarantee success. 2347 */ 2348 mutex_enter(&ipst->ips_capab_taskq_lock); 2349 if (ipst->ips_capab_taskq_head == NULL) { 2350 ASSERT(ipst->ips_capab_taskq_tail == NULL); 2351 ipst->ips_capab_taskq_head = mp; 2352 } else { 2353 ipst->ips_capab_taskq_tail->b_next = mp; 2354 } 2355 ipst->ips_capab_taskq_tail = mp; 2356 2357 cv_signal(&ipst->ips_capab_taskq_cv); 2358 mutex_exit(&ipst->ips_capab_taskq_lock); 2359 } 2360 2361 /* 2362 * This routine is called to scan the fragmentation reassembly table for 2363 * the specified ILL for any packets that are starting to smell. 2364 * dead_interval is the maximum time in seconds that will be tolerated. It 2365 * will either be the value specified in ip_g_frag_timeout, or zero if the 2366 * ILL is shutting down and it is time to blow everything off. 2367 * 2368 * It returns the number of seconds (as a time_t) that the next frag timer 2369 * should be scheduled for, 0 meaning that the timer doesn't need to be 2370 * re-started. Note that the method of calculating next_timeout isn't 2371 * entirely accurate since time will flow between the time we grab 2372 * current_time and the time we schedule the next timeout. This isn't a 2373 * big problem since this is the timer for sending an ICMP reassembly time 2374 * exceeded messages, and it doesn't have to be exactly accurate. 2375 * 2376 * This function is 2377 * sometimes called as writer, although this is not required. 2378 */ 2379 time_t 2380 ill_frag_timeout(ill_t *ill, time_t dead_interval) 2381 { 2382 ipfb_t *ipfb; 2383 ipfb_t *endp; 2384 ipf_t *ipf; 2385 ipf_t *ipfnext; 2386 mblk_t *mp; 2387 time_t current_time = gethrestime_sec(); 2388 time_t next_timeout = 0; 2389 uint32_t hdr_length; 2390 mblk_t *send_icmp_head; 2391 mblk_t *send_icmp_head_v6; 2392 ip_stack_t *ipst = ill->ill_ipst; 2393 ip_recv_attr_t iras; 2394 2395 bzero(&iras, sizeof (iras)); 2396 iras.ira_flags = 0; 2397 iras.ira_ill = iras.ira_rill = ill; 2398 iras.ira_ruifindex = ill->ill_phyint->phyint_ifindex; 2399 iras.ira_rifindex = iras.ira_ruifindex; 2400 2401 ipfb = ill->ill_frag_hash_tbl; 2402 if (ipfb == NULL) 2403 return (B_FALSE); 2404 endp = &ipfb[ILL_FRAG_HASH_TBL_COUNT]; 2405 /* Walk the frag hash table. */ 2406 for (; ipfb < endp; ipfb++) { 2407 send_icmp_head = NULL; 2408 send_icmp_head_v6 = NULL; 2409 mutex_enter(&ipfb->ipfb_lock); 2410 while ((ipf = ipfb->ipfb_ipf) != 0) { 2411 time_t frag_time = current_time - ipf->ipf_timestamp; 2412 time_t frag_timeout; 2413 2414 if (frag_time < dead_interval) { 2415 /* 2416 * There are some outstanding fragments 2417 * that will timeout later. Make note of 2418 * the time so that we can reschedule the 2419 * next timeout appropriately. 2420 */ 2421 frag_timeout = dead_interval - frag_time; 2422 if (next_timeout == 0 || 2423 frag_timeout < next_timeout) { 2424 next_timeout = frag_timeout; 2425 } 2426 break; 2427 } 2428 /* Time's up. Get it out of here. */ 2429 hdr_length = ipf->ipf_nf_hdr_len; 2430 ipfnext = ipf->ipf_hash_next; 2431 if (ipfnext) 2432 ipfnext->ipf_ptphn = ipf->ipf_ptphn; 2433 *ipf->ipf_ptphn = ipfnext; 2434 mp = ipf->ipf_mp->b_cont; 2435 for (; mp; mp = mp->b_cont) { 2436 /* Extra points for neatness. */ 2437 IP_REASS_SET_START(mp, 0); 2438 IP_REASS_SET_END(mp, 0); 2439 } 2440 mp = ipf->ipf_mp->b_cont; 2441 atomic_add_32(&ill->ill_frag_count, -ipf->ipf_count); 2442 ASSERT(ipfb->ipfb_count >= ipf->ipf_count); 2443 ipfb->ipfb_count -= ipf->ipf_count; 2444 ASSERT(ipfb->ipfb_frag_pkts > 0); 2445 ipfb->ipfb_frag_pkts--; 2446 /* 2447 * We do not send any icmp message from here because 2448 * we currently are holding the ipfb_lock for this 2449 * hash chain. If we try and send any icmp messages 2450 * from here we may end up via a put back into ip 2451 * trying to get the same lock, causing a recursive 2452 * mutex panic. Instead we build a list and send all 2453 * the icmp messages after we have dropped the lock. 2454 */ 2455 if (ill->ill_isv6) { 2456 if (hdr_length != 0) { 2457 mp->b_next = send_icmp_head_v6; 2458 send_icmp_head_v6 = mp; 2459 } else { 2460 freemsg(mp); 2461 } 2462 } else { 2463 if (hdr_length != 0) { 2464 mp->b_next = send_icmp_head; 2465 send_icmp_head = mp; 2466 } else { 2467 freemsg(mp); 2468 } 2469 } 2470 BUMP_MIB(ill->ill_ip_mib, ipIfStatsReasmFails); 2471 ip_drop_input("ipIfStatsReasmFails", ipf->ipf_mp, ill); 2472 freeb(ipf->ipf_mp); 2473 } 2474 mutex_exit(&ipfb->ipfb_lock); 2475 /* 2476 * Now need to send any icmp messages that we delayed from 2477 * above. 2478 */ 2479 while (send_icmp_head_v6 != NULL) { 2480 ip6_t *ip6h; 2481 2482 mp = send_icmp_head_v6; 2483 send_icmp_head_v6 = send_icmp_head_v6->b_next; 2484 mp->b_next = NULL; 2485 ip6h = (ip6_t *)mp->b_rptr; 2486 iras.ira_flags = 0; 2487 /* 2488 * This will result in an incorrect ALL_ZONES zoneid 2489 * for multicast packets, but we 2490 * don't send ICMP errors for those in any case. 2491 */ 2492 iras.ira_zoneid = 2493 ipif_lookup_addr_zoneid_v6(&ip6h->ip6_dst, 2494 ill, ipst); 2495 ip_drop_input("ICMP_TIME_EXCEEDED reass", mp, ill); 2496 icmp_time_exceeded_v6(mp, 2497 ICMP_REASSEMBLY_TIME_EXCEEDED, B_FALSE, 2498 &iras); 2499 ASSERT(!(iras.ira_flags & IRAF_IPSEC_SECURE)); 2500 } 2501 while (send_icmp_head != NULL) { 2502 ipaddr_t dst; 2503 2504 mp = send_icmp_head; 2505 send_icmp_head = send_icmp_head->b_next; 2506 mp->b_next = NULL; 2507 2508 dst = ((ipha_t *)mp->b_rptr)->ipha_dst; 2509 2510 iras.ira_flags = IRAF_IS_IPV4; 2511 /* 2512 * This will result in an incorrect ALL_ZONES zoneid 2513 * for broadcast and multicast packets, but we 2514 * don't send ICMP errors for those in any case. 2515 */ 2516 iras.ira_zoneid = ipif_lookup_addr_zoneid(dst, 2517 ill, ipst); 2518 ip_drop_input("ICMP_TIME_EXCEEDED reass", mp, ill); 2519 icmp_time_exceeded(mp, 2520 ICMP_REASSEMBLY_TIME_EXCEEDED, &iras); 2521 ASSERT(!(iras.ira_flags & IRAF_IPSEC_SECURE)); 2522 } 2523 } 2524 /* 2525 * A non-dying ILL will use the return value to decide whether to 2526 * restart the frag timer, and for how long. 2527 */ 2528 return (next_timeout); 2529 } 2530 2531 /* 2532 * This routine is called when the approximate count of mblk memory used 2533 * for the specified ILL has exceeded max_count. 2534 */ 2535 void 2536 ill_frag_prune(ill_t *ill, uint_t max_count) 2537 { 2538 ipfb_t *ipfb; 2539 ipf_t *ipf; 2540 size_t count; 2541 clock_t now; 2542 2543 /* 2544 * If we are here within ip_min_frag_prune_time msecs remove 2545 * ill_frag_free_num_pkts oldest packets from each bucket and increment 2546 * ill_frag_free_num_pkts. 2547 */ 2548 mutex_enter(&ill->ill_lock); 2549 now = ddi_get_lbolt(); 2550 if (TICK_TO_MSEC(now - ill->ill_last_frag_clean_time) <= 2551 (ip_min_frag_prune_time != 0 ? 2552 ip_min_frag_prune_time : msec_per_tick)) { 2553 2554 ill->ill_frag_free_num_pkts++; 2555 2556 } else { 2557 ill->ill_frag_free_num_pkts = 0; 2558 } 2559 ill->ill_last_frag_clean_time = now; 2560 mutex_exit(&ill->ill_lock); 2561 2562 /* 2563 * free ill_frag_free_num_pkts oldest packets from each bucket. 2564 */ 2565 if (ill->ill_frag_free_num_pkts != 0) { 2566 int ix; 2567 2568 for (ix = 0; ix < ILL_FRAG_HASH_TBL_COUNT; ix++) { 2569 ipfb = &ill->ill_frag_hash_tbl[ix]; 2570 mutex_enter(&ipfb->ipfb_lock); 2571 if (ipfb->ipfb_ipf != NULL) { 2572 ill_frag_free_pkts(ill, ipfb, ipfb->ipfb_ipf, 2573 ill->ill_frag_free_num_pkts); 2574 } 2575 mutex_exit(&ipfb->ipfb_lock); 2576 } 2577 } 2578 /* 2579 * While the reassembly list for this ILL is too big, prune a fragment 2580 * queue by age, oldest first. 2581 */ 2582 while (ill->ill_frag_count > max_count) { 2583 int ix; 2584 ipfb_t *oipfb = NULL; 2585 uint_t oldest = UINT_MAX; 2586 2587 count = 0; 2588 for (ix = 0; ix < ILL_FRAG_HASH_TBL_COUNT; ix++) { 2589 ipfb = &ill->ill_frag_hash_tbl[ix]; 2590 mutex_enter(&ipfb->ipfb_lock); 2591 ipf = ipfb->ipfb_ipf; 2592 if (ipf != NULL && ipf->ipf_gen < oldest) { 2593 oldest = ipf->ipf_gen; 2594 oipfb = ipfb; 2595 } 2596 count += ipfb->ipfb_count; 2597 mutex_exit(&ipfb->ipfb_lock); 2598 } 2599 if (oipfb == NULL) 2600 break; 2601 2602 if (count <= max_count) 2603 return; /* Somebody beat us to it, nothing to do */ 2604 mutex_enter(&oipfb->ipfb_lock); 2605 ipf = oipfb->ipfb_ipf; 2606 if (ipf != NULL) { 2607 ill_frag_free_pkts(ill, oipfb, ipf, 1); 2608 } 2609 mutex_exit(&oipfb->ipfb_lock); 2610 } 2611 } 2612 2613 /* 2614 * free 'free_cnt' fragmented packets starting at ipf. 2615 */ 2616 void 2617 ill_frag_free_pkts(ill_t *ill, ipfb_t *ipfb, ipf_t *ipf, int free_cnt) 2618 { 2619 size_t count; 2620 mblk_t *mp; 2621 mblk_t *tmp; 2622 ipf_t **ipfp = ipf->ipf_ptphn; 2623 2624 ASSERT(MUTEX_HELD(&ipfb->ipfb_lock)); 2625 ASSERT(ipfp != NULL); 2626 ASSERT(ipf != NULL); 2627 2628 while (ipf != NULL && free_cnt-- > 0) { 2629 count = ipf->ipf_count; 2630 mp = ipf->ipf_mp; 2631 ipf = ipf->ipf_hash_next; 2632 for (tmp = mp; tmp; tmp = tmp->b_cont) { 2633 IP_REASS_SET_START(tmp, 0); 2634 IP_REASS_SET_END(tmp, 0); 2635 } 2636 atomic_add_32(&ill->ill_frag_count, -count); 2637 ASSERT(ipfb->ipfb_count >= count); 2638 ipfb->ipfb_count -= count; 2639 ASSERT(ipfb->ipfb_frag_pkts > 0); 2640 ipfb->ipfb_frag_pkts--; 2641 BUMP_MIB(ill->ill_ip_mib, ipIfStatsReasmFails); 2642 ip_drop_input("ipIfStatsReasmFails", mp, ill); 2643 freemsg(mp); 2644 } 2645 2646 if (ipf) 2647 ipf->ipf_ptphn = ipfp; 2648 ipfp[0] = ipf; 2649 } 2650 2651 /* 2652 * Helper function for ill_forward_set(). 2653 */ 2654 static void 2655 ill_forward_set_on_ill(ill_t *ill, boolean_t enable) 2656 { 2657 ip_stack_t *ipst = ill->ill_ipst; 2658 2659 ASSERT(IAM_WRITER_ILL(ill) || RW_READ_HELD(&ipst->ips_ill_g_lock)); 2660 2661 ip1dbg(("ill_forward_set: %s %s forwarding on %s", 2662 (enable ? "Enabling" : "Disabling"), 2663 (ill->ill_isv6 ? "IPv6" : "IPv4"), ill->ill_name)); 2664 mutex_enter(&ill->ill_lock); 2665 if (enable) 2666 ill->ill_flags |= ILLF_ROUTER; 2667 else 2668 ill->ill_flags &= ~ILLF_ROUTER; 2669 mutex_exit(&ill->ill_lock); 2670 if (ill->ill_isv6) 2671 ill_set_nce_router_flags(ill, enable); 2672 /* Notify routing socket listeners of this change. */ 2673 if (ill->ill_ipif != NULL) 2674 ip_rts_ifmsg(ill->ill_ipif, RTSQ_DEFAULT); 2675 } 2676 2677 /* 2678 * Set an ill's ILLF_ROUTER flag appropriately. Send up RTS_IFINFO routing 2679 * socket messages for each interface whose flags we change. 2680 */ 2681 int 2682 ill_forward_set(ill_t *ill, boolean_t enable) 2683 { 2684 ipmp_illgrp_t *illg; 2685 ip_stack_t *ipst = ill->ill_ipst; 2686 2687 ASSERT(IAM_WRITER_ILL(ill) || RW_READ_HELD(&ipst->ips_ill_g_lock)); 2688 2689 if ((enable && (ill->ill_flags & ILLF_ROUTER)) || 2690 (!enable && !(ill->ill_flags & ILLF_ROUTER))) 2691 return (0); 2692 2693 if (IS_LOOPBACK(ill)) 2694 return (EINVAL); 2695 2696 if (enable && ill->ill_allowed_ips_cnt > 0) 2697 return (EPERM); 2698 2699 if (IS_IPMP(ill) || IS_UNDER_IPMP(ill)) { 2700 /* 2701 * Update all of the interfaces in the group. 2702 */ 2703 illg = ill->ill_grp; 2704 ill = list_head(&illg->ig_if); 2705 for (; ill != NULL; ill = list_next(&illg->ig_if, ill)) 2706 ill_forward_set_on_ill(ill, enable); 2707 2708 /* 2709 * Update the IPMP meta-interface. 2710 */ 2711 ill_forward_set_on_ill(ipmp_illgrp_ipmp_ill(illg), enable); 2712 return (0); 2713 } 2714 2715 ill_forward_set_on_ill(ill, enable); 2716 return (0); 2717 } 2718 2719 /* 2720 * Based on the ILLF_ROUTER flag of an ill, make sure all local nce's for 2721 * addresses assigned to the ill have the NCE_F_ISROUTER flag appropriately 2722 * set or clear. 2723 */ 2724 static void 2725 ill_set_nce_router_flags(ill_t *ill, boolean_t enable) 2726 { 2727 ipif_t *ipif; 2728 ncec_t *ncec; 2729 nce_t *nce; 2730 2731 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 2732 /* 2733 * NOTE: we match across the illgrp because nce's for 2734 * addresses on IPMP interfaces have an nce_ill that points to 2735 * the bound underlying ill. 2736 */ 2737 nce = nce_lookup_v6(ill, &ipif->ipif_v6lcl_addr); 2738 if (nce != NULL) { 2739 ncec = nce->nce_common; 2740 mutex_enter(&ncec->ncec_lock); 2741 if (enable) 2742 ncec->ncec_flags |= NCE_F_ISROUTER; 2743 else 2744 ncec->ncec_flags &= ~NCE_F_ISROUTER; 2745 mutex_exit(&ncec->ncec_lock); 2746 nce_refrele(nce); 2747 } 2748 } 2749 } 2750 2751 /* 2752 * Intializes the context structure and returns the first ill in the list 2753 * cuurently start_list and end_list can have values: 2754 * MAX_G_HEADS Traverse both IPV4 and IPV6 lists. 2755 * IP_V4_G_HEAD Traverse IPV4 list only. 2756 * IP_V6_G_HEAD Traverse IPV6 list only. 2757 */ 2758 2759 /* 2760 * We don't check for CONDEMNED ills here. Caller must do that if 2761 * necessary under the ill lock. 2762 */ 2763 ill_t * 2764 ill_first(int start_list, int end_list, ill_walk_context_t *ctx, 2765 ip_stack_t *ipst) 2766 { 2767 ill_if_t *ifp; 2768 ill_t *ill; 2769 avl_tree_t *avl_tree; 2770 2771 ASSERT(RW_LOCK_HELD(&ipst->ips_ill_g_lock)); 2772 ASSERT(end_list <= MAX_G_HEADS && start_list >= 0); 2773 2774 /* 2775 * setup the lists to search 2776 */ 2777 if (end_list != MAX_G_HEADS) { 2778 ctx->ctx_current_list = start_list; 2779 ctx->ctx_last_list = end_list; 2780 } else { 2781 ctx->ctx_last_list = MAX_G_HEADS - 1; 2782 ctx->ctx_current_list = 0; 2783 } 2784 2785 while (ctx->ctx_current_list <= ctx->ctx_last_list) { 2786 ifp = IP_VX_ILL_G_LIST(ctx->ctx_current_list, ipst); 2787 if (ifp != (ill_if_t *) 2788 &IP_VX_ILL_G_LIST(ctx->ctx_current_list, ipst)) { 2789 avl_tree = &ifp->illif_avl_by_ppa; 2790 ill = avl_first(avl_tree); 2791 /* 2792 * ill is guaranteed to be non NULL or ifp should have 2793 * not existed. 2794 */ 2795 ASSERT(ill != NULL); 2796 return (ill); 2797 } 2798 ctx->ctx_current_list++; 2799 } 2800 2801 return (NULL); 2802 } 2803 2804 /* 2805 * returns the next ill in the list. ill_first() must have been called 2806 * before calling ill_next() or bad things will happen. 2807 */ 2808 2809 /* 2810 * We don't check for CONDEMNED ills here. Caller must do that if 2811 * necessary under the ill lock. 2812 */ 2813 ill_t * 2814 ill_next(ill_walk_context_t *ctx, ill_t *lastill) 2815 { 2816 ill_if_t *ifp; 2817 ill_t *ill; 2818 ip_stack_t *ipst = lastill->ill_ipst; 2819 2820 ASSERT(lastill->ill_ifptr != (ill_if_t *) 2821 &IP_VX_ILL_G_LIST(ctx->ctx_current_list, ipst)); 2822 if ((ill = avl_walk(&lastill->ill_ifptr->illif_avl_by_ppa, lastill, 2823 AVL_AFTER)) != NULL) { 2824 return (ill); 2825 } 2826 2827 /* goto next ill_ifp in the list. */ 2828 ifp = lastill->ill_ifptr->illif_next; 2829 2830 /* make sure not at end of circular list */ 2831 while (ifp == 2832 (ill_if_t *)&IP_VX_ILL_G_LIST(ctx->ctx_current_list, ipst)) { 2833 if (++ctx->ctx_current_list > ctx->ctx_last_list) 2834 return (NULL); 2835 ifp = IP_VX_ILL_G_LIST(ctx->ctx_current_list, ipst); 2836 } 2837 2838 return (avl_first(&ifp->illif_avl_by_ppa)); 2839 } 2840 2841 /* 2842 * Check interface name for correct format: [a-zA-Z]+[a-zA-Z0-9._]*[0-9]+ 2843 * The final number (PPA) must not have any leading zeros. Upon success, a 2844 * pointer to the start of the PPA is returned; otherwise NULL is returned. 2845 */ 2846 static char * 2847 ill_get_ppa_ptr(char *name) 2848 { 2849 int namelen = strlen(name); 2850 int end_ndx = namelen - 1; 2851 int ppa_ndx, i; 2852 2853 /* 2854 * Check that the first character is [a-zA-Z], and that the last 2855 * character is [0-9]. 2856 */ 2857 if (namelen == 0 || !isalpha(name[0]) || !isdigit(name[end_ndx])) 2858 return (NULL); 2859 2860 /* 2861 * Set `ppa_ndx' to the PPA start, and check for leading zeroes. 2862 */ 2863 for (ppa_ndx = end_ndx; ppa_ndx > 0; ppa_ndx--) 2864 if (!isdigit(name[ppa_ndx - 1])) 2865 break; 2866 2867 if (name[ppa_ndx] == '0' && ppa_ndx < end_ndx) 2868 return (NULL); 2869 2870 /* 2871 * Check that the intermediate characters are [a-z0-9.] 2872 */ 2873 for (i = 1; i < ppa_ndx; i++) { 2874 if (!isalpha(name[i]) && !isdigit(name[i]) && 2875 name[i] != '.' && name[i] != '_') { 2876 return (NULL); 2877 } 2878 } 2879 2880 return (name + ppa_ndx); 2881 } 2882 2883 /* 2884 * use avl tree to locate the ill. 2885 */ 2886 static ill_t * 2887 ill_find_by_name(char *name, boolean_t isv6, ip_stack_t *ipst) 2888 { 2889 char *ppa_ptr = NULL; 2890 int len; 2891 uint_t ppa; 2892 ill_t *ill = NULL; 2893 ill_if_t *ifp; 2894 int list; 2895 2896 /* 2897 * get ppa ptr 2898 */ 2899 if (isv6) 2900 list = IP_V6_G_HEAD; 2901 else 2902 list = IP_V4_G_HEAD; 2903 2904 if ((ppa_ptr = ill_get_ppa_ptr(name)) == NULL) { 2905 return (NULL); 2906 } 2907 2908 len = ppa_ptr - name + 1; 2909 2910 ppa = stoi(&ppa_ptr); 2911 2912 ifp = IP_VX_ILL_G_LIST(list, ipst); 2913 2914 while (ifp != (ill_if_t *)&IP_VX_ILL_G_LIST(list, ipst)) { 2915 /* 2916 * match is done on len - 1 as the name is not null 2917 * terminated it contains ppa in addition to the interface 2918 * name. 2919 */ 2920 if ((ifp->illif_name_len == len) && 2921 bcmp(ifp->illif_name, name, len - 1) == 0) { 2922 break; 2923 } else { 2924 ifp = ifp->illif_next; 2925 } 2926 } 2927 2928 if (ifp == (ill_if_t *)&IP_VX_ILL_G_LIST(list, ipst)) { 2929 /* 2930 * Even the interface type does not exist. 2931 */ 2932 return (NULL); 2933 } 2934 2935 ill = avl_find(&ifp->illif_avl_by_ppa, (void *) &ppa, NULL); 2936 if (ill != NULL) { 2937 mutex_enter(&ill->ill_lock); 2938 if (ILL_CAN_LOOKUP(ill)) { 2939 ill_refhold_locked(ill); 2940 mutex_exit(&ill->ill_lock); 2941 return (ill); 2942 } 2943 mutex_exit(&ill->ill_lock); 2944 } 2945 return (NULL); 2946 } 2947 2948 /* 2949 * comparison function for use with avl. 2950 */ 2951 static int 2952 ill_compare_ppa(const void *ppa_ptr, const void *ill_ptr) 2953 { 2954 uint_t ppa; 2955 uint_t ill_ppa; 2956 2957 ASSERT(ppa_ptr != NULL && ill_ptr != NULL); 2958 2959 ppa = *((uint_t *)ppa_ptr); 2960 ill_ppa = ((const ill_t *)ill_ptr)->ill_ppa; 2961 /* 2962 * We want the ill with the lowest ppa to be on the 2963 * top. 2964 */ 2965 if (ill_ppa < ppa) 2966 return (1); 2967 if (ill_ppa > ppa) 2968 return (-1); 2969 return (0); 2970 } 2971 2972 /* 2973 * remove an interface type from the global list. 2974 */ 2975 static void 2976 ill_delete_interface_type(ill_if_t *interface) 2977 { 2978 ASSERT(interface != NULL); 2979 ASSERT(avl_numnodes(&interface->illif_avl_by_ppa) == 0); 2980 2981 avl_destroy(&interface->illif_avl_by_ppa); 2982 if (interface->illif_ppa_arena != NULL) 2983 vmem_destroy(interface->illif_ppa_arena); 2984 2985 remque(interface); 2986 2987 mi_free(interface); 2988 } 2989 2990 /* 2991 * remove ill from the global list. 2992 */ 2993 static void 2994 ill_glist_delete(ill_t *ill) 2995 { 2996 ip_stack_t *ipst; 2997 phyint_t *phyi; 2998 2999 if (ill == NULL) 3000 return; 3001 ipst = ill->ill_ipst; 3002 rw_enter(&ipst->ips_ill_g_lock, RW_WRITER); 3003 3004 /* 3005 * If the ill was never inserted into the AVL tree 3006 * we skip the if branch. 3007 */ 3008 if (ill->ill_ifptr != NULL) { 3009 /* 3010 * remove from AVL tree and free ppa number 3011 */ 3012 avl_remove(&ill->ill_ifptr->illif_avl_by_ppa, ill); 3013 3014 if (ill->ill_ifptr->illif_ppa_arena != NULL) { 3015 vmem_free(ill->ill_ifptr->illif_ppa_arena, 3016 (void *)(uintptr_t)(ill->ill_ppa+1), 1); 3017 } 3018 if (avl_numnodes(&ill->ill_ifptr->illif_avl_by_ppa) == 0) { 3019 ill_delete_interface_type(ill->ill_ifptr); 3020 } 3021 3022 /* 3023 * Indicate ill is no longer in the list. 3024 */ 3025 ill->ill_ifptr = NULL; 3026 ill->ill_name_length = 0; 3027 ill->ill_name[0] = '\0'; 3028 ill->ill_ppa = UINT_MAX; 3029 } 3030 3031 /* Generate one last event for this ill. */ 3032 ill_nic_event_dispatch(ill, 0, NE_UNPLUMB, ill->ill_name, 3033 ill->ill_name_length); 3034 3035 ASSERT(ill->ill_phyint != NULL); 3036 phyi = ill->ill_phyint; 3037 ill->ill_phyint = NULL; 3038 3039 /* 3040 * ill_init allocates a phyint always to store the copy 3041 * of flags relevant to phyint. At that point in time, we could 3042 * not assign the name and hence phyint_illv4/v6 could not be 3043 * initialized. Later in ipif_set_values, we assign the name to 3044 * the ill, at which point in time we assign phyint_illv4/v6. 3045 * Thus we don't rely on phyint_illv6 to be initialized always. 3046 */ 3047 if (ill->ill_flags & ILLF_IPV6) 3048 phyi->phyint_illv6 = NULL; 3049 else 3050 phyi->phyint_illv4 = NULL; 3051 3052 if (phyi->phyint_illv4 != NULL || phyi->phyint_illv6 != NULL) { 3053 rw_exit(&ipst->ips_ill_g_lock); 3054 return; 3055 } 3056 3057 /* 3058 * There are no ills left on this phyint; pull it out of the phyint 3059 * avl trees, and free it. 3060 */ 3061 if (phyi->phyint_ifindex > 0) { 3062 avl_remove(&ipst->ips_phyint_g_list->phyint_list_avl_by_index, 3063 phyi); 3064 avl_remove(&ipst->ips_phyint_g_list->phyint_list_avl_by_name, 3065 phyi); 3066 } 3067 rw_exit(&ipst->ips_ill_g_lock); 3068 3069 phyint_free(phyi); 3070 } 3071 3072 /* 3073 * allocate a ppa, if the number of plumbed interfaces of this type are 3074 * less than ill_no_arena do a linear search to find a unused ppa. 3075 * When the number goes beyond ill_no_arena switch to using an arena. 3076 * Note: ppa value of zero cannot be allocated from vmem_arena as it 3077 * is the return value for an error condition, so allocation starts at one 3078 * and is decremented by one. 3079 */ 3080 static int 3081 ill_alloc_ppa(ill_if_t *ifp, ill_t *ill) 3082 { 3083 ill_t *tmp_ill; 3084 uint_t start, end; 3085 int ppa; 3086 3087 if (ifp->illif_ppa_arena == NULL && 3088 (avl_numnodes(&ifp->illif_avl_by_ppa) + 1 > ill_no_arena)) { 3089 /* 3090 * Create an arena. 3091 */ 3092 ifp->illif_ppa_arena = vmem_create(ifp->illif_name, 3093 (void *)1, UINT_MAX - 1, 1, NULL, NULL, 3094 NULL, 0, VM_SLEEP | VMC_IDENTIFIER); 3095 /* allocate what has already been assigned */ 3096 for (tmp_ill = avl_first(&ifp->illif_avl_by_ppa); 3097 tmp_ill != NULL; tmp_ill = avl_walk(&ifp->illif_avl_by_ppa, 3098 tmp_ill, AVL_AFTER)) { 3099 ppa = (int)(uintptr_t)vmem_xalloc(ifp->illif_ppa_arena, 3100 1, /* size */ 3101 1, /* align/quantum */ 3102 0, /* phase */ 3103 0, /* nocross */ 3104 /* minaddr */ 3105 (void *)((uintptr_t)tmp_ill->ill_ppa + 1), 3106 /* maxaddr */ 3107 (void *)((uintptr_t)tmp_ill->ill_ppa + 2), 3108 VM_NOSLEEP|VM_FIRSTFIT); 3109 if (ppa == 0) { 3110 ip1dbg(("ill_alloc_ppa: ppa allocation" 3111 " failed while switching")); 3112 vmem_destroy(ifp->illif_ppa_arena); 3113 ifp->illif_ppa_arena = NULL; 3114 break; 3115 } 3116 } 3117 } 3118 3119 if (ifp->illif_ppa_arena != NULL) { 3120 if (ill->ill_ppa == UINT_MAX) { 3121 ppa = (int)(uintptr_t)vmem_alloc(ifp->illif_ppa_arena, 3122 1, VM_NOSLEEP|VM_FIRSTFIT); 3123 if (ppa == 0) 3124 return (EAGAIN); 3125 ill->ill_ppa = --ppa; 3126 } else { 3127 ppa = (int)(uintptr_t)vmem_xalloc(ifp->illif_ppa_arena, 3128 1, /* size */ 3129 1, /* align/quantum */ 3130 0, /* phase */ 3131 0, /* nocross */ 3132 (void *)(uintptr_t)(ill->ill_ppa + 1), /* minaddr */ 3133 (void *)(uintptr_t)(ill->ill_ppa + 2), /* maxaddr */ 3134 VM_NOSLEEP|VM_FIRSTFIT); 3135 /* 3136 * Most likely the allocation failed because 3137 * the requested ppa was in use. 3138 */ 3139 if (ppa == 0) 3140 return (EEXIST); 3141 } 3142 return (0); 3143 } 3144 3145 /* 3146 * No arena is in use and not enough (>ill_no_arena) interfaces have 3147 * been plumbed to create one. Do a linear search to get a unused ppa. 3148 */ 3149 if (ill->ill_ppa == UINT_MAX) { 3150 end = UINT_MAX - 1; 3151 start = 0; 3152 } else { 3153 end = start = ill->ill_ppa; 3154 } 3155 3156 tmp_ill = avl_find(&ifp->illif_avl_by_ppa, (void *)&start, NULL); 3157 while (tmp_ill != NULL && tmp_ill->ill_ppa == start) { 3158 if (start++ >= end) { 3159 if (ill->ill_ppa == UINT_MAX) 3160 return (EAGAIN); 3161 else 3162 return (EEXIST); 3163 } 3164 tmp_ill = avl_walk(&ifp->illif_avl_by_ppa, tmp_ill, AVL_AFTER); 3165 } 3166 ill->ill_ppa = start; 3167 return (0); 3168 } 3169 3170 /* 3171 * Insert ill into the list of configured ill's. Once this function completes, 3172 * the ill is globally visible and is available through lookups. More precisely 3173 * this happens after the caller drops the ill_g_lock. 3174 */ 3175 static int 3176 ill_glist_insert(ill_t *ill, char *name, boolean_t isv6) 3177 { 3178 ill_if_t *ill_interface; 3179 avl_index_t where = 0; 3180 int error; 3181 int name_length; 3182 int index; 3183 boolean_t check_length = B_FALSE; 3184 ip_stack_t *ipst = ill->ill_ipst; 3185 3186 ASSERT(RW_WRITE_HELD(&ipst->ips_ill_g_lock)); 3187 3188 name_length = mi_strlen(name) + 1; 3189 3190 if (isv6) 3191 index = IP_V6_G_HEAD; 3192 else 3193 index = IP_V4_G_HEAD; 3194 3195 ill_interface = IP_VX_ILL_G_LIST(index, ipst); 3196 /* 3197 * Search for interface type based on name 3198 */ 3199 while (ill_interface != (ill_if_t *)&IP_VX_ILL_G_LIST(index, ipst)) { 3200 if ((ill_interface->illif_name_len == name_length) && 3201 (strcmp(ill_interface->illif_name, name) == 0)) { 3202 break; 3203 } 3204 ill_interface = ill_interface->illif_next; 3205 } 3206 3207 /* 3208 * Interface type not found, create one. 3209 */ 3210 if (ill_interface == (ill_if_t *)&IP_VX_ILL_G_LIST(index, ipst)) { 3211 ill_g_head_t ghead; 3212 3213 /* 3214 * allocate ill_if_t structure 3215 */ 3216 ill_interface = (ill_if_t *)mi_zalloc(sizeof (ill_if_t)); 3217 if (ill_interface == NULL) { 3218 return (ENOMEM); 3219 } 3220 3221 (void) strcpy(ill_interface->illif_name, name); 3222 ill_interface->illif_name_len = name_length; 3223 3224 avl_create(&ill_interface->illif_avl_by_ppa, 3225 ill_compare_ppa, sizeof (ill_t), 3226 offsetof(struct ill_s, ill_avl_byppa)); 3227 3228 /* 3229 * link the structure in the back to maintain order 3230 * of configuration for ifconfig output. 3231 */ 3232 ghead = ipst->ips_ill_g_heads[index]; 3233 insque(ill_interface, ghead.ill_g_list_tail); 3234 } 3235 3236 if (ill->ill_ppa == UINT_MAX) 3237 check_length = B_TRUE; 3238 3239 error = ill_alloc_ppa(ill_interface, ill); 3240 if (error != 0) { 3241 if (avl_numnodes(&ill_interface->illif_avl_by_ppa) == 0) 3242 ill_delete_interface_type(ill->ill_ifptr); 3243 return (error); 3244 } 3245 3246 /* 3247 * When the ppa is choosen by the system, check that there is 3248 * enough space to insert ppa. if a specific ppa was passed in this 3249 * check is not required as the interface name passed in will have 3250 * the right ppa in it. 3251 */ 3252 if (check_length) { 3253 /* 3254 * UINT_MAX - 1 should fit in 10 chars, alloc 12 chars. 3255 */ 3256 char buf[sizeof (uint_t) * 3]; 3257 3258 /* 3259 * convert ppa to string to calculate the amount of space 3260 * required for it in the name. 3261 */ 3262 numtos(ill->ill_ppa, buf); 3263 3264 /* Do we have enough space to insert ppa ? */ 3265 3266 if ((mi_strlen(name) + mi_strlen(buf) + 1) > LIFNAMSIZ) { 3267 /* Free ppa and interface type struct */ 3268 if (ill_interface->illif_ppa_arena != NULL) { 3269 vmem_free(ill_interface->illif_ppa_arena, 3270 (void *)(uintptr_t)(ill->ill_ppa+1), 1); 3271 } 3272 if (avl_numnodes(&ill_interface->illif_avl_by_ppa) == 0) 3273 ill_delete_interface_type(ill->ill_ifptr); 3274 3275 return (EINVAL); 3276 } 3277 } 3278 3279 (void) sprintf(ill->ill_name, "%s%u", name, ill->ill_ppa); 3280 ill->ill_name_length = mi_strlen(ill->ill_name) + 1; 3281 3282 (void) avl_find(&ill_interface->illif_avl_by_ppa, &ill->ill_ppa, 3283 &where); 3284 ill->ill_ifptr = ill_interface; 3285 avl_insert(&ill_interface->illif_avl_by_ppa, ill, where); 3286 3287 ill_phyint_reinit(ill); 3288 return (0); 3289 } 3290 3291 /* Initialize the per phyint ipsq used for serialization */ 3292 static boolean_t 3293 ipsq_init(ill_t *ill, boolean_t enter) 3294 { 3295 ipsq_t *ipsq; 3296 ipxop_t *ipx; 3297 3298 if ((ipsq = kmem_zalloc(sizeof (ipsq_t), KM_NOSLEEP)) == NULL) 3299 return (B_FALSE); 3300 3301 ill->ill_phyint->phyint_ipsq = ipsq; 3302 ipx = ipsq->ipsq_xop = &ipsq->ipsq_ownxop; 3303 ipx->ipx_ipsq = ipsq; 3304 ipsq->ipsq_next = ipsq; 3305 ipsq->ipsq_phyint = ill->ill_phyint; 3306 mutex_init(&ipsq->ipsq_lock, NULL, MUTEX_DEFAULT, 0); 3307 mutex_init(&ipx->ipx_lock, NULL, MUTEX_DEFAULT, 0); 3308 ipsq->ipsq_ipst = ill->ill_ipst; /* No netstack_hold */ 3309 if (enter) { 3310 ipx->ipx_writer = curthread; 3311 ipx->ipx_forced = B_FALSE; 3312 ipx->ipx_reentry_cnt = 1; 3313 #ifdef DEBUG 3314 ipx->ipx_depth = getpcstack(ipx->ipx_stack, IPX_STACK_DEPTH); 3315 #endif 3316 } 3317 return (B_TRUE); 3318 } 3319 3320 /* 3321 * ill_init is called by ip_open when a device control stream is opened. 3322 * It does a few initializations, and shoots a DL_INFO_REQ message down 3323 * to the driver. The response is later picked up in ip_rput_dlpi and 3324 * used to set up default mechanisms for talking to the driver. (Always 3325 * called as writer.) 3326 * 3327 * If this function returns error, ip_open will call ip_close which in 3328 * turn will call ill_delete to clean up any memory allocated here that 3329 * is not yet freed. 3330 */ 3331 int 3332 ill_init(queue_t *q, ill_t *ill) 3333 { 3334 int count; 3335 dl_info_req_t *dlir; 3336 mblk_t *info_mp; 3337 uchar_t *frag_ptr; 3338 3339 /* 3340 * The ill is initialized to zero by mi_alloc*(). In addition 3341 * some fields already contain valid values, initialized in 3342 * ip_open(), before we reach here. 3343 */ 3344 mutex_init(&ill->ill_lock, NULL, MUTEX_DEFAULT, 0); 3345 mutex_init(&ill->ill_saved_ire_lock, NULL, MUTEX_DEFAULT, NULL); 3346 ill->ill_saved_ire_cnt = 0; 3347 3348 ill->ill_rq = q; 3349 ill->ill_wq = WR(q); 3350 3351 info_mp = allocb(MAX(sizeof (dl_info_req_t), sizeof (dl_info_ack_t)), 3352 BPRI_HI); 3353 if (info_mp == NULL) 3354 return (ENOMEM); 3355 3356 /* 3357 * Allocate sufficient space to contain our fragment hash table and 3358 * the device name. 3359 */ 3360 frag_ptr = (uchar_t *)mi_zalloc(ILL_FRAG_HASH_TBL_SIZE + 2 * LIFNAMSIZ); 3361 if (frag_ptr == NULL) { 3362 freemsg(info_mp); 3363 return (ENOMEM); 3364 } 3365 ill->ill_frag_ptr = frag_ptr; 3366 ill->ill_frag_free_num_pkts = 0; 3367 ill->ill_last_frag_clean_time = 0; 3368 ill->ill_frag_hash_tbl = (ipfb_t *)frag_ptr; 3369 ill->ill_name = (char *)(frag_ptr + ILL_FRAG_HASH_TBL_SIZE); 3370 for (count = 0; count < ILL_FRAG_HASH_TBL_COUNT; count++) { 3371 mutex_init(&ill->ill_frag_hash_tbl[count].ipfb_lock, 3372 NULL, MUTEX_DEFAULT, NULL); 3373 } 3374 3375 ill->ill_phyint = (phyint_t *)mi_zalloc(sizeof (phyint_t)); 3376 if (ill->ill_phyint == NULL) { 3377 freemsg(info_mp); 3378 mi_free(frag_ptr); 3379 return (ENOMEM); 3380 } 3381 3382 mutex_init(&ill->ill_phyint->phyint_lock, NULL, MUTEX_DEFAULT, 0); 3383 /* 3384 * For now pretend this is a v4 ill. We need to set phyint_ill* 3385 * at this point because of the following reason. If we can't 3386 * enter the ipsq at some point and cv_wait, the writer that 3387 * wakes us up tries to locate us using the list of all phyints 3388 * in an ipsq and the ills from the phyint thru the phyint_ill*. 3389 * If we don't set it now, we risk a missed wakeup. 3390 */ 3391 ill->ill_phyint->phyint_illv4 = ill; 3392 ill->ill_ppa = UINT_MAX; 3393 list_create(&ill->ill_nce, sizeof (nce_t), offsetof(nce_t, nce_node)); 3394 3395 ill_set_inputfn(ill); 3396 3397 if (!ipsq_init(ill, B_TRUE)) { 3398 freemsg(info_mp); 3399 mi_free(frag_ptr); 3400 mi_free(ill->ill_phyint); 3401 return (ENOMEM); 3402 } 3403 3404 ill->ill_state_flags |= ILL_LL_SUBNET_PENDING; 3405 3406 /* Frag queue limit stuff */ 3407 ill->ill_frag_count = 0; 3408 ill->ill_ipf_gen = 0; 3409 3410 rw_init(&ill->ill_mcast_lock, NULL, RW_DEFAULT, NULL); 3411 mutex_init(&ill->ill_mcast_serializer, NULL, MUTEX_DEFAULT, NULL); 3412 ill->ill_global_timer = INFINITY; 3413 ill->ill_mcast_v1_time = ill->ill_mcast_v2_time = 0; 3414 ill->ill_mcast_v1_tset = ill->ill_mcast_v2_tset = 0; 3415 ill->ill_mcast_rv = MCAST_DEF_ROBUSTNESS; 3416 ill->ill_mcast_qi = MCAST_DEF_QUERY_INTERVAL; 3417 3418 /* 3419 * Initialize IPv6 configuration variables. The IP module is always 3420 * opened as an IPv4 module. Instead tracking down the cases where 3421 * it switches to do ipv6, we'll just initialize the IPv6 configuration 3422 * here for convenience, this has no effect until the ill is set to do 3423 * IPv6. 3424 */ 3425 ill->ill_reachable_time = ND_REACHABLE_TIME; 3426 ill->ill_xmit_count = ND_MAX_MULTICAST_SOLICIT; 3427 ill->ill_max_buf = ND_MAX_Q; 3428 ill->ill_refcnt = 0; 3429 3430 /* Send down the Info Request to the driver. */ 3431 info_mp->b_datap->db_type = M_PCPROTO; 3432 dlir = (dl_info_req_t *)info_mp->b_rptr; 3433 info_mp->b_wptr = (uchar_t *)&dlir[1]; 3434 dlir->dl_primitive = DL_INFO_REQ; 3435 3436 ill->ill_dlpi_pending = DL_PRIM_INVAL; 3437 3438 qprocson(q); 3439 ill_dlpi_send(ill, info_mp); 3440 3441 return (0); 3442 } 3443 3444 /* 3445 * ill_dls_info 3446 * creates datalink socket info from the device. 3447 */ 3448 int 3449 ill_dls_info(struct sockaddr_dl *sdl, const ill_t *ill) 3450 { 3451 size_t len; 3452 3453 sdl->sdl_family = AF_LINK; 3454 sdl->sdl_index = ill_get_upper_ifindex(ill); 3455 sdl->sdl_type = ill->ill_type; 3456 ill_get_name(ill, sdl->sdl_data, sizeof (sdl->sdl_data)); 3457 len = strlen(sdl->sdl_data); 3458 ASSERT(len < 256); 3459 sdl->sdl_nlen = (uchar_t)len; 3460 sdl->sdl_alen = ill->ill_phys_addr_length; 3461 sdl->sdl_slen = 0; 3462 if (ill->ill_phys_addr_length != 0 && ill->ill_phys_addr != NULL) 3463 bcopy(ill->ill_phys_addr, &sdl->sdl_data[len], sdl->sdl_alen); 3464 3465 return (sizeof (struct sockaddr_dl)); 3466 } 3467 3468 /* 3469 * ill_xarp_info 3470 * creates xarp info from the device. 3471 */ 3472 static int 3473 ill_xarp_info(struct sockaddr_dl *sdl, ill_t *ill) 3474 { 3475 sdl->sdl_family = AF_LINK; 3476 sdl->sdl_index = ill->ill_phyint->phyint_ifindex; 3477 sdl->sdl_type = ill->ill_type; 3478 ill_get_name(ill, sdl->sdl_data, sizeof (sdl->sdl_data)); 3479 sdl->sdl_nlen = (uchar_t)mi_strlen(sdl->sdl_data); 3480 sdl->sdl_alen = ill->ill_phys_addr_length; 3481 sdl->sdl_slen = 0; 3482 return (sdl->sdl_nlen); 3483 } 3484 3485 static int 3486 loopback_kstat_update(kstat_t *ksp, int rw) 3487 { 3488 kstat_named_t *kn; 3489 netstackid_t stackid; 3490 netstack_t *ns; 3491 ip_stack_t *ipst; 3492 3493 if (ksp == NULL || ksp->ks_data == NULL) 3494 return (EIO); 3495 3496 if (rw == KSTAT_WRITE) 3497 return (EACCES); 3498 3499 kn = KSTAT_NAMED_PTR(ksp); 3500 stackid = (zoneid_t)(uintptr_t)ksp->ks_private; 3501 3502 ns = netstack_find_by_stackid(stackid); 3503 if (ns == NULL) 3504 return (-1); 3505 3506 ipst = ns->netstack_ip; 3507 if (ipst == NULL) { 3508 netstack_rele(ns); 3509 return (-1); 3510 } 3511 kn[0].value.ui32 = ipst->ips_loopback_packets; 3512 kn[1].value.ui32 = ipst->ips_loopback_packets; 3513 netstack_rele(ns); 3514 return (0); 3515 } 3516 3517 /* 3518 * Has ifindex been plumbed already? 3519 */ 3520 static boolean_t 3521 phyint_exists(uint_t index, ip_stack_t *ipst) 3522 { 3523 ASSERT(index != 0); 3524 ASSERT(RW_LOCK_HELD(&ipst->ips_ill_g_lock)); 3525 3526 return (avl_find(&ipst->ips_phyint_g_list->phyint_list_avl_by_index, 3527 &index, NULL) != NULL); 3528 } 3529 3530 /* Pick a unique ifindex */ 3531 boolean_t 3532 ip_assign_ifindex(uint_t *indexp, ip_stack_t *ipst) 3533 { 3534 uint_t starting_index; 3535 3536 if (!ipst->ips_ill_index_wrap) { 3537 *indexp = ipst->ips_ill_index++; 3538 if (ipst->ips_ill_index == 0) { 3539 /* Reached the uint_t limit Next time wrap */ 3540 ipst->ips_ill_index_wrap = B_TRUE; 3541 } 3542 return (B_TRUE); 3543 } 3544 3545 /* 3546 * Start reusing unused indexes. Note that we hold the ill_g_lock 3547 * at this point and don't want to call any function that attempts 3548 * to get the lock again. 3549 */ 3550 starting_index = ipst->ips_ill_index++; 3551 for (; ipst->ips_ill_index != starting_index; ipst->ips_ill_index++) { 3552 if (ipst->ips_ill_index != 0 && 3553 !phyint_exists(ipst->ips_ill_index, ipst)) { 3554 /* found unused index - use it */ 3555 *indexp = ipst->ips_ill_index; 3556 return (B_TRUE); 3557 } 3558 } 3559 3560 /* 3561 * all interface indicies are inuse. 3562 */ 3563 return (B_FALSE); 3564 } 3565 3566 /* 3567 * Assign a unique interface index for the phyint. 3568 */ 3569 static boolean_t 3570 phyint_assign_ifindex(phyint_t *phyi, ip_stack_t *ipst) 3571 { 3572 ASSERT(phyi->phyint_ifindex == 0); 3573 return (ip_assign_ifindex(&phyi->phyint_ifindex, ipst)); 3574 } 3575 3576 /* 3577 * Initialize the flags on `phyi' as per the provided mactype. 3578 */ 3579 static void 3580 phyint_flags_init(phyint_t *phyi, t_uscalar_t mactype) 3581 { 3582 uint64_t flags = 0; 3583 3584 /* 3585 * Initialize PHYI_RUNNING and PHYI_FAILED. For non-IPMP interfaces, 3586 * we always presume the underlying hardware is working and set 3587 * PHYI_RUNNING (if it's not, the driver will subsequently send a 3588 * DL_NOTE_LINK_DOWN message). For IPMP interfaces, at initialization 3589 * there are no active interfaces in the group so we set PHYI_FAILED. 3590 */ 3591 if (mactype == SUNW_DL_IPMP) 3592 flags |= PHYI_FAILED; 3593 else 3594 flags |= PHYI_RUNNING; 3595 3596 switch (mactype) { 3597 case SUNW_DL_VNI: 3598 flags |= PHYI_VIRTUAL; 3599 break; 3600 case SUNW_DL_IPMP: 3601 flags |= PHYI_IPMP; 3602 break; 3603 case DL_LOOP: 3604 flags |= (PHYI_LOOPBACK | PHYI_VIRTUAL); 3605 break; 3606 } 3607 3608 mutex_enter(&phyi->phyint_lock); 3609 phyi->phyint_flags |= flags; 3610 mutex_exit(&phyi->phyint_lock); 3611 } 3612 3613 /* 3614 * Return a pointer to the ill which matches the supplied name. Note that 3615 * the ill name length includes the null termination character. (May be 3616 * called as writer.) 3617 * If do_alloc and the interface is "lo0" it will be automatically created. 3618 * Cannot bump up reference on condemned ills. So dup detect can't be done 3619 * using this func. 3620 */ 3621 ill_t * 3622 ill_lookup_on_name(char *name, boolean_t do_alloc, boolean_t isv6, 3623 boolean_t *did_alloc, ip_stack_t *ipst) 3624 { 3625 ill_t *ill; 3626 ipif_t *ipif; 3627 ipsq_t *ipsq; 3628 kstat_named_t *kn; 3629 boolean_t isloopback; 3630 in6_addr_t ov6addr; 3631 3632 isloopback = mi_strcmp(name, ipif_loopback_name) == 0; 3633 3634 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 3635 ill = ill_find_by_name(name, isv6, ipst); 3636 rw_exit(&ipst->ips_ill_g_lock); 3637 if (ill != NULL) 3638 return (ill); 3639 3640 /* 3641 * Couldn't find it. Does this happen to be a lookup for the 3642 * loopback device and are we allowed to allocate it? 3643 */ 3644 if (!isloopback || !do_alloc) 3645 return (NULL); 3646 3647 rw_enter(&ipst->ips_ill_g_lock, RW_WRITER); 3648 ill = ill_find_by_name(name, isv6, ipst); 3649 if (ill != NULL) { 3650 rw_exit(&ipst->ips_ill_g_lock); 3651 return (ill); 3652 } 3653 3654 /* Create the loopback device on demand */ 3655 ill = (ill_t *)(mi_alloc(sizeof (ill_t) + 3656 sizeof (ipif_loopback_name), BPRI_MED)); 3657 if (ill == NULL) 3658 goto done; 3659 3660 *ill = ill_null; 3661 mutex_init(&ill->ill_lock, NULL, MUTEX_DEFAULT, NULL); 3662 ill->ill_ipst = ipst; 3663 list_create(&ill->ill_nce, sizeof (nce_t), offsetof(nce_t, nce_node)); 3664 netstack_hold(ipst->ips_netstack); 3665 /* 3666 * For exclusive stacks we set the zoneid to zero 3667 * to make IP operate as if in the global zone. 3668 */ 3669 ill->ill_zoneid = GLOBAL_ZONEID; 3670 3671 ill->ill_phyint = (phyint_t *)mi_zalloc(sizeof (phyint_t)); 3672 if (ill->ill_phyint == NULL) 3673 goto done; 3674 3675 if (isv6) 3676 ill->ill_phyint->phyint_illv6 = ill; 3677 else 3678 ill->ill_phyint->phyint_illv4 = ill; 3679 mutex_init(&ill->ill_phyint->phyint_lock, NULL, MUTEX_DEFAULT, 0); 3680 phyint_flags_init(ill->ill_phyint, DL_LOOP); 3681 3682 if (isv6) { 3683 ill->ill_isv6 = B_TRUE; 3684 ill->ill_max_frag = ip_loopback_mtu_v6plus; 3685 } else { 3686 ill->ill_max_frag = ip_loopback_mtuplus; 3687 } 3688 if (!ill_allocate_mibs(ill)) 3689 goto done; 3690 ill->ill_current_frag = ill->ill_max_frag; 3691 ill->ill_mtu = ill->ill_max_frag; /* Initial value */ 3692 /* 3693 * ipif_loopback_name can't be pointed at directly because its used 3694 * by both the ipv4 and ipv6 interfaces. When the ill is removed 3695 * from the glist, ill_glist_delete() sets the first character of 3696 * ill_name to '\0'. 3697 */ 3698 ill->ill_name = (char *)ill + sizeof (*ill); 3699 (void) strcpy(ill->ill_name, ipif_loopback_name); 3700 ill->ill_name_length = sizeof (ipif_loopback_name); 3701 /* Set ill_dlpi_pending for ipsq_current_finish() to work properly */ 3702 ill->ill_dlpi_pending = DL_PRIM_INVAL; 3703 3704 rw_init(&ill->ill_mcast_lock, NULL, RW_DEFAULT, NULL); 3705 mutex_init(&ill->ill_mcast_serializer, NULL, MUTEX_DEFAULT, NULL); 3706 ill->ill_global_timer = INFINITY; 3707 ill->ill_mcast_v1_time = ill->ill_mcast_v2_time = 0; 3708 ill->ill_mcast_v1_tset = ill->ill_mcast_v2_tset = 0; 3709 ill->ill_mcast_rv = MCAST_DEF_ROBUSTNESS; 3710 ill->ill_mcast_qi = MCAST_DEF_QUERY_INTERVAL; 3711 3712 /* No resolver here. */ 3713 ill->ill_net_type = IRE_LOOPBACK; 3714 3715 /* Initialize the ipsq */ 3716 if (!ipsq_init(ill, B_FALSE)) 3717 goto done; 3718 3719 ipif = ipif_allocate(ill, 0L, IRE_LOOPBACK, B_TRUE, B_TRUE, NULL); 3720 if (ipif == NULL) 3721 goto done; 3722 3723 ill->ill_flags = ILLF_MULTICAST; 3724 3725 ov6addr = ipif->ipif_v6lcl_addr; 3726 /* Set up default loopback address and mask. */ 3727 if (!isv6) { 3728 ipaddr_t inaddr_loopback = htonl(INADDR_LOOPBACK); 3729 3730 IN6_IPADDR_TO_V4MAPPED(inaddr_loopback, &ipif->ipif_v6lcl_addr); 3731 V4MASK_TO_V6(htonl(IN_CLASSA_NET), ipif->ipif_v6net_mask); 3732 V6_MASK_COPY(ipif->ipif_v6lcl_addr, ipif->ipif_v6net_mask, 3733 ipif->ipif_v6subnet); 3734 ill->ill_flags |= ILLF_IPV4; 3735 } else { 3736 ipif->ipif_v6lcl_addr = ipv6_loopback; 3737 ipif->ipif_v6net_mask = ipv6_all_ones; 3738 V6_MASK_COPY(ipif->ipif_v6lcl_addr, ipif->ipif_v6net_mask, 3739 ipif->ipif_v6subnet); 3740 ill->ill_flags |= ILLF_IPV6; 3741 } 3742 3743 /* 3744 * Chain us in at the end of the ill list. hold the ill 3745 * before we make it globally visible. 1 for the lookup. 3746 */ 3747 ill->ill_refcnt = 0; 3748 ill_refhold(ill); 3749 3750 ill->ill_frag_count = 0; 3751 ill->ill_frag_free_num_pkts = 0; 3752 ill->ill_last_frag_clean_time = 0; 3753 3754 ipsq = ill->ill_phyint->phyint_ipsq; 3755 3756 ill_set_inputfn(ill); 3757 3758 if (ill_glist_insert(ill, "lo", isv6) != 0) 3759 cmn_err(CE_PANIC, "cannot insert loopback interface"); 3760 3761 /* Let SCTP know so that it can add this to its list */ 3762 sctp_update_ill(ill, SCTP_ILL_INSERT); 3763 3764 /* 3765 * We have already assigned ipif_v6lcl_addr above, but we need to 3766 * call sctp_update_ipif_addr() after SCTP_ILL_INSERT, which 3767 * requires to be after ill_glist_insert() since we need the 3768 * ill_index set. Pass on ipv6_loopback as the old address. 3769 */ 3770 sctp_update_ipif_addr(ipif, ov6addr); 3771 3772 ip_rts_newaddrmsg(RTM_CHGADDR, 0, ipif, RTSQ_DEFAULT); 3773 3774 /* 3775 * ill_glist_insert() -> ill_phyint_reinit() may have merged IPSQs. 3776 * If so, free our original one. 3777 */ 3778 if (ipsq != ill->ill_phyint->phyint_ipsq) 3779 ipsq_delete(ipsq); 3780 3781 if (ipst->ips_loopback_ksp == NULL) { 3782 /* Export loopback interface statistics */ 3783 ipst->ips_loopback_ksp = kstat_create_netstack("lo", 0, 3784 ipif_loopback_name, "net", 3785 KSTAT_TYPE_NAMED, 2, 0, 3786 ipst->ips_netstack->netstack_stackid); 3787 if (ipst->ips_loopback_ksp != NULL) { 3788 ipst->ips_loopback_ksp->ks_update = 3789 loopback_kstat_update; 3790 kn = KSTAT_NAMED_PTR(ipst->ips_loopback_ksp); 3791 kstat_named_init(&kn[0], "ipackets", KSTAT_DATA_UINT32); 3792 kstat_named_init(&kn[1], "opackets", KSTAT_DATA_UINT32); 3793 ipst->ips_loopback_ksp->ks_private = 3794 (void *)(uintptr_t)ipst->ips_netstack-> 3795 netstack_stackid; 3796 kstat_install(ipst->ips_loopback_ksp); 3797 } 3798 } 3799 3800 *did_alloc = B_TRUE; 3801 rw_exit(&ipst->ips_ill_g_lock); 3802 ill_nic_event_dispatch(ill, MAP_IPIF_ID(ill->ill_ipif->ipif_id), 3803 NE_PLUMB, ill->ill_name, ill->ill_name_length); 3804 return (ill); 3805 done: 3806 if (ill != NULL) { 3807 if (ill->ill_phyint != NULL) { 3808 ipsq = ill->ill_phyint->phyint_ipsq; 3809 if (ipsq != NULL) { 3810 ipsq->ipsq_phyint = NULL; 3811 ipsq_delete(ipsq); 3812 } 3813 mi_free(ill->ill_phyint); 3814 } 3815 ill_free_mib(ill); 3816 if (ill->ill_ipst != NULL) 3817 netstack_rele(ill->ill_ipst->ips_netstack); 3818 mi_free(ill); 3819 } 3820 rw_exit(&ipst->ips_ill_g_lock); 3821 return (NULL); 3822 } 3823 3824 /* 3825 * For IPP calls - use the ip_stack_t for global stack. 3826 */ 3827 ill_t * 3828 ill_lookup_on_ifindex_global_instance(uint_t index, boolean_t isv6) 3829 { 3830 ip_stack_t *ipst; 3831 ill_t *ill; 3832 3833 ipst = netstack_find_by_stackid(GLOBAL_NETSTACKID)->netstack_ip; 3834 if (ipst == NULL) { 3835 cmn_err(CE_WARN, "No ip_stack_t for zoneid zero!\n"); 3836 return (NULL); 3837 } 3838 3839 ill = ill_lookup_on_ifindex(index, isv6, ipst); 3840 netstack_rele(ipst->ips_netstack); 3841 return (ill); 3842 } 3843 3844 /* 3845 * Return a pointer to the ill which matches the index and IP version type. 3846 */ 3847 ill_t * 3848 ill_lookup_on_ifindex(uint_t index, boolean_t isv6, ip_stack_t *ipst) 3849 { 3850 ill_t *ill; 3851 phyint_t *phyi; 3852 3853 /* 3854 * Indexes are stored in the phyint - a common structure 3855 * to both IPv4 and IPv6. 3856 */ 3857 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 3858 phyi = avl_find(&ipst->ips_phyint_g_list->phyint_list_avl_by_index, 3859 (void *) &index, NULL); 3860 if (phyi != NULL) { 3861 ill = isv6 ? phyi->phyint_illv6: phyi->phyint_illv4; 3862 if (ill != NULL) { 3863 mutex_enter(&ill->ill_lock); 3864 if (!ILL_IS_CONDEMNED(ill)) { 3865 ill_refhold_locked(ill); 3866 mutex_exit(&ill->ill_lock); 3867 rw_exit(&ipst->ips_ill_g_lock); 3868 return (ill); 3869 } 3870 mutex_exit(&ill->ill_lock); 3871 } 3872 } 3873 rw_exit(&ipst->ips_ill_g_lock); 3874 return (NULL); 3875 } 3876 3877 /* 3878 * Verify whether or not an interface index is valid for the specified zoneid 3879 * to transmit packets. 3880 * It can be zero (meaning "reset") or an interface index assigned 3881 * to a non-VNI interface. (We don't use VNI interface to send packets.) 3882 */ 3883 boolean_t 3884 ip_xmit_ifindex_valid(uint_t ifindex, zoneid_t zoneid, boolean_t isv6, 3885 ip_stack_t *ipst) 3886 { 3887 ill_t *ill; 3888 3889 if (ifindex == 0) 3890 return (B_TRUE); 3891 3892 ill = ill_lookup_on_ifindex_zoneid(ifindex, zoneid, isv6, ipst); 3893 if (ill == NULL) 3894 return (B_FALSE); 3895 if (IS_VNI(ill)) { 3896 ill_refrele(ill); 3897 return (B_FALSE); 3898 } 3899 ill_refrele(ill); 3900 return (B_TRUE); 3901 } 3902 3903 /* 3904 * Return the ifindex next in sequence after the passed in ifindex. 3905 * If there is no next ifindex for the given protocol, return 0. 3906 */ 3907 uint_t 3908 ill_get_next_ifindex(uint_t index, boolean_t isv6, ip_stack_t *ipst) 3909 { 3910 phyint_t *phyi; 3911 phyint_t *phyi_initial; 3912 uint_t ifindex; 3913 3914 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 3915 3916 if (index == 0) { 3917 phyi = avl_first( 3918 &ipst->ips_phyint_g_list->phyint_list_avl_by_index); 3919 } else { 3920 phyi = phyi_initial = avl_find( 3921 &ipst->ips_phyint_g_list->phyint_list_avl_by_index, 3922 (void *) &index, NULL); 3923 } 3924 3925 for (; phyi != NULL; 3926 phyi = avl_walk(&ipst->ips_phyint_g_list->phyint_list_avl_by_index, 3927 phyi, AVL_AFTER)) { 3928 /* 3929 * If we're not returning the first interface in the tree 3930 * and we still haven't moved past the phyint_t that 3931 * corresponds to index, avl_walk needs to be called again 3932 */ 3933 if (!((index != 0) && (phyi == phyi_initial))) { 3934 if (isv6) { 3935 if ((phyi->phyint_illv6) && 3936 ILL_CAN_LOOKUP(phyi->phyint_illv6) && 3937 (phyi->phyint_illv6->ill_isv6 == 1)) 3938 break; 3939 } else { 3940 if ((phyi->phyint_illv4) && 3941 ILL_CAN_LOOKUP(phyi->phyint_illv4) && 3942 (phyi->phyint_illv4->ill_isv6 == 0)) 3943 break; 3944 } 3945 } 3946 } 3947 3948 rw_exit(&ipst->ips_ill_g_lock); 3949 3950 if (phyi != NULL) 3951 ifindex = phyi->phyint_ifindex; 3952 else 3953 ifindex = 0; 3954 3955 return (ifindex); 3956 } 3957 3958 /* 3959 * Return the ifindex for the named interface. 3960 * If there is no next ifindex for the interface, return 0. 3961 */ 3962 uint_t 3963 ill_get_ifindex_by_name(char *name, ip_stack_t *ipst) 3964 { 3965 phyint_t *phyi; 3966 avl_index_t where = 0; 3967 uint_t ifindex; 3968 3969 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 3970 3971 if ((phyi = avl_find(&ipst->ips_phyint_g_list->phyint_list_avl_by_name, 3972 name, &where)) == NULL) { 3973 rw_exit(&ipst->ips_ill_g_lock); 3974 return (0); 3975 } 3976 3977 ifindex = phyi->phyint_ifindex; 3978 3979 rw_exit(&ipst->ips_ill_g_lock); 3980 3981 return (ifindex); 3982 } 3983 3984 /* 3985 * Return the ifindex to be used by upper layer protocols for instance 3986 * for IPV6_RECVPKTINFO. If IPMP this is the one for the upper ill. 3987 */ 3988 uint_t 3989 ill_get_upper_ifindex(const ill_t *ill) 3990 { 3991 if (IS_UNDER_IPMP(ill)) 3992 return (ipmp_ill_get_ipmp_ifindex(ill)); 3993 else 3994 return (ill->ill_phyint->phyint_ifindex); 3995 } 3996 3997 3998 /* 3999 * Obtain a reference to the ill. The ill_refcnt is a dynamic refcnt 4000 * that gives a running thread a reference to the ill. This reference must be 4001 * released by the thread when it is done accessing the ill and related 4002 * objects. ill_refcnt can not be used to account for static references 4003 * such as other structures pointing to an ill. Callers must generally 4004 * check whether an ill can be refheld by using ILL_CAN_LOOKUP macros 4005 * or be sure that the ill is not being deleted or changing state before 4006 * calling the refhold functions. A non-zero ill_refcnt ensures that the 4007 * ill won't change any of its critical state such as address, netmask etc. 4008 */ 4009 void 4010 ill_refhold(ill_t *ill) 4011 { 4012 mutex_enter(&ill->ill_lock); 4013 ill->ill_refcnt++; 4014 ILL_TRACE_REF(ill); 4015 mutex_exit(&ill->ill_lock); 4016 } 4017 4018 void 4019 ill_refhold_locked(ill_t *ill) 4020 { 4021 ASSERT(MUTEX_HELD(&ill->ill_lock)); 4022 ill->ill_refcnt++; 4023 ILL_TRACE_REF(ill); 4024 } 4025 4026 /* Returns true if we managed to get a refhold */ 4027 boolean_t 4028 ill_check_and_refhold(ill_t *ill) 4029 { 4030 mutex_enter(&ill->ill_lock); 4031 if (!ILL_IS_CONDEMNED(ill)) { 4032 ill_refhold_locked(ill); 4033 mutex_exit(&ill->ill_lock); 4034 return (B_TRUE); 4035 } 4036 mutex_exit(&ill->ill_lock); 4037 return (B_FALSE); 4038 } 4039 4040 /* 4041 * Must not be called while holding any locks. Otherwise if this is 4042 * the last reference to be released, there is a chance of recursive mutex 4043 * panic due to ill_refrele -> ipif_ill_refrele_tail -> qwriter_ip trying 4044 * to restart an ioctl. 4045 */ 4046 void 4047 ill_refrele(ill_t *ill) 4048 { 4049 mutex_enter(&ill->ill_lock); 4050 ASSERT(ill->ill_refcnt != 0); 4051 ill->ill_refcnt--; 4052 ILL_UNTRACE_REF(ill); 4053 if (ill->ill_refcnt != 0) { 4054 /* Every ire pointing to the ill adds 1 to ill_refcnt */ 4055 mutex_exit(&ill->ill_lock); 4056 return; 4057 } 4058 4059 /* Drops the ill_lock */ 4060 ipif_ill_refrele_tail(ill); 4061 } 4062 4063 /* 4064 * Obtain a weak reference count on the ill. This reference ensures the 4065 * ill won't be freed, but the ill may change any of its critical state 4066 * such as netmask, address etc. Returns an error if the ill has started 4067 * closing. 4068 */ 4069 boolean_t 4070 ill_waiter_inc(ill_t *ill) 4071 { 4072 mutex_enter(&ill->ill_lock); 4073 if (ill->ill_state_flags & ILL_CONDEMNED) { 4074 mutex_exit(&ill->ill_lock); 4075 return (B_FALSE); 4076 } 4077 ill->ill_waiters++; 4078 mutex_exit(&ill->ill_lock); 4079 return (B_TRUE); 4080 } 4081 4082 void 4083 ill_waiter_dcr(ill_t *ill) 4084 { 4085 mutex_enter(&ill->ill_lock); 4086 ill->ill_waiters--; 4087 if (ill->ill_waiters == 0) 4088 cv_broadcast(&ill->ill_cv); 4089 mutex_exit(&ill->ill_lock); 4090 } 4091 4092 /* 4093 * ip_ll_subnet_defaults is called when we get the DL_INFO_ACK back from the 4094 * driver. We construct best guess defaults for lower level information that 4095 * we need. If an interface is brought up without injection of any overriding 4096 * information from outside, we have to be ready to go with these defaults. 4097 * When we get the first DL_INFO_ACK (from ip_open() sending a DL_INFO_REQ) 4098 * we primarely want the dl_provider_style. 4099 * The subsequent DL_INFO_ACK is received after doing a DL_ATTACH and DL_BIND 4100 * at which point we assume the other part of the information is valid. 4101 */ 4102 void 4103 ip_ll_subnet_defaults(ill_t *ill, mblk_t *mp) 4104 { 4105 uchar_t *brdcst_addr; 4106 uint_t brdcst_addr_length, phys_addr_length; 4107 t_scalar_t sap_length; 4108 dl_info_ack_t *dlia; 4109 ip_m_t *ipm; 4110 dl_qos_cl_sel1_t *sel1; 4111 int min_mtu; 4112 4113 ASSERT(IAM_WRITER_ILL(ill)); 4114 4115 /* 4116 * Till the ill is fully up the ill is not globally visible. 4117 * So no need for a lock. 4118 */ 4119 dlia = (dl_info_ack_t *)mp->b_rptr; 4120 ill->ill_mactype = dlia->dl_mac_type; 4121 4122 ipm = ip_m_lookup(dlia->dl_mac_type); 4123 if (ipm == NULL) { 4124 ipm = ip_m_lookup(DL_OTHER); 4125 ASSERT(ipm != NULL); 4126 } 4127 ill->ill_media = ipm; 4128 4129 /* 4130 * When the new DLPI stuff is ready we'll pull lengths 4131 * from dlia. 4132 */ 4133 if (dlia->dl_version == DL_VERSION_2) { 4134 brdcst_addr_length = dlia->dl_brdcst_addr_length; 4135 brdcst_addr = mi_offset_param(mp, dlia->dl_brdcst_addr_offset, 4136 brdcst_addr_length); 4137 if (brdcst_addr == NULL) { 4138 brdcst_addr_length = 0; 4139 } 4140 sap_length = dlia->dl_sap_length; 4141 phys_addr_length = dlia->dl_addr_length - ABS(sap_length); 4142 ip1dbg(("ip: bcast_len %d, sap_len %d, phys_len %d\n", 4143 brdcst_addr_length, sap_length, phys_addr_length)); 4144 } else { 4145 brdcst_addr_length = 6; 4146 brdcst_addr = ip_six_byte_all_ones; 4147 sap_length = -2; 4148 phys_addr_length = brdcst_addr_length; 4149 } 4150 4151 ill->ill_bcast_addr_length = brdcst_addr_length; 4152 ill->ill_phys_addr_length = phys_addr_length; 4153 ill->ill_sap_length = sap_length; 4154 4155 /* 4156 * Synthetic DLPI types such as SUNW_DL_IPMP specify a zero SDU, 4157 * but we must ensure a minimum IP MTU is used since other bits of 4158 * IP will fly apart otherwise. 4159 */ 4160 min_mtu = ill->ill_isv6 ? IPV6_MIN_MTU : IP_MIN_MTU; 4161 ill->ill_max_frag = MAX(min_mtu, dlia->dl_max_sdu); 4162 ill->ill_current_frag = ill->ill_max_frag; 4163 ill->ill_mtu = ill->ill_max_frag; 4164 4165 ill->ill_type = ipm->ip_m_type; 4166 4167 if (!ill->ill_dlpi_style_set) { 4168 if (dlia->dl_provider_style == DL_STYLE2) 4169 ill->ill_needs_attach = 1; 4170 4171 phyint_flags_init(ill->ill_phyint, ill->ill_mactype); 4172 4173 /* 4174 * Allocate the first ipif on this ill. We don't delay it 4175 * further as ioctl handling assumes at least one ipif exists. 4176 * 4177 * At this point we don't know whether the ill is v4 or v6. 4178 * We will know this whan the SIOCSLIFNAME happens and 4179 * the correct value for ill_isv6 will be assigned in 4180 * ipif_set_values(). We need to hold the ill lock and 4181 * clear the ILL_LL_SUBNET_PENDING flag and atomically do 4182 * the wakeup. 4183 */ 4184 (void) ipif_allocate(ill, 0, IRE_LOCAL, 4185 dlia->dl_provider_style != DL_STYLE2, B_TRUE, NULL); 4186 mutex_enter(&ill->ill_lock); 4187 ASSERT(ill->ill_dlpi_style_set == 0); 4188 ill->ill_dlpi_style_set = 1; 4189 ill->ill_state_flags &= ~ILL_LL_SUBNET_PENDING; 4190 cv_broadcast(&ill->ill_cv); 4191 mutex_exit(&ill->ill_lock); 4192 freemsg(mp); 4193 return; 4194 } 4195 ASSERT(ill->ill_ipif != NULL); 4196 /* 4197 * We know whether it is IPv4 or IPv6 now, as this is the 4198 * second DL_INFO_ACK we are recieving in response to the 4199 * DL_INFO_REQ sent in ipif_set_values. 4200 */ 4201 ill->ill_sap = (ill->ill_isv6) ? ipm->ip_m_ipv6sap : ipm->ip_m_ipv4sap; 4202 /* 4203 * Clear all the flags that were set based on ill_bcast_addr_length 4204 * and ill_phys_addr_length (in ipif_set_values) as these could have 4205 * changed now and we need to re-evaluate. 4206 */ 4207 ill->ill_flags &= ~(ILLF_MULTICAST | ILLF_NONUD | ILLF_NOARP); 4208 ill->ill_ipif->ipif_flags &= ~(IPIF_BROADCAST | IPIF_POINTOPOINT); 4209 4210 /* 4211 * Free ill_bcast_mp as things could have changed now. 4212 * 4213 * NOTE: The IPMP meta-interface is special-cased because it starts 4214 * with no underlying interfaces (and thus an unknown broadcast 4215 * address length), but we enforce that an interface is broadcast- 4216 * capable as part of allowing it to join a group. 4217 */ 4218 if (ill->ill_bcast_addr_length == 0 && !IS_IPMP(ill)) { 4219 if (ill->ill_bcast_mp != NULL) 4220 freemsg(ill->ill_bcast_mp); 4221 ill->ill_net_type = IRE_IF_NORESOLVER; 4222 4223 ill->ill_bcast_mp = ill_dlur_gen(NULL, 4224 ill->ill_phys_addr_length, 4225 ill->ill_sap, 4226 ill->ill_sap_length); 4227 4228 if (ill->ill_isv6) 4229 /* 4230 * Note: xresolv interfaces will eventually need NOARP 4231 * set here as well, but that will require those 4232 * external resolvers to have some knowledge of 4233 * that flag and act appropriately. Not to be changed 4234 * at present. 4235 */ 4236 ill->ill_flags |= ILLF_NONUD; 4237 else 4238 ill->ill_flags |= ILLF_NOARP; 4239 4240 if (ill->ill_mactype == SUNW_DL_VNI) { 4241 ill->ill_ipif->ipif_flags |= IPIF_NOXMIT; 4242 } else if (ill->ill_phys_addr_length == 0 || 4243 ill->ill_mactype == DL_IPV4 || 4244 ill->ill_mactype == DL_IPV6) { 4245 /* 4246 * The underying link is point-to-point, so mark the 4247 * interface as such. We can do IP multicast over 4248 * such a link since it transmits all network-layer 4249 * packets to the remote side the same way. 4250 */ 4251 ill->ill_flags |= ILLF_MULTICAST; 4252 ill->ill_ipif->ipif_flags |= IPIF_POINTOPOINT; 4253 } 4254 } else { 4255 ill->ill_net_type = IRE_IF_RESOLVER; 4256 if (ill->ill_bcast_mp != NULL) 4257 freemsg(ill->ill_bcast_mp); 4258 ill->ill_bcast_mp = ill_dlur_gen(brdcst_addr, 4259 ill->ill_bcast_addr_length, ill->ill_sap, 4260 ill->ill_sap_length); 4261 /* 4262 * Later detect lack of DLPI driver multicast 4263 * capability by catching DL_ENABMULTI errors in 4264 * ip_rput_dlpi. 4265 */ 4266 ill->ill_flags |= ILLF_MULTICAST; 4267 if (!ill->ill_isv6) 4268 ill->ill_ipif->ipif_flags |= IPIF_BROADCAST; 4269 } 4270 4271 /* For IPMP, PHYI_IPMP should already be set by phyint_flags_init() */ 4272 if (ill->ill_mactype == SUNW_DL_IPMP) 4273 ASSERT(ill->ill_phyint->phyint_flags & PHYI_IPMP); 4274 4275 /* By default an interface does not support any CoS marking */ 4276 ill->ill_flags &= ~ILLF_COS_ENABLED; 4277 4278 /* 4279 * If we get QoS information in DL_INFO_ACK, the device supports 4280 * some form of CoS marking, set ILLF_COS_ENABLED. 4281 */ 4282 sel1 = (dl_qos_cl_sel1_t *)mi_offset_param(mp, dlia->dl_qos_offset, 4283 dlia->dl_qos_length); 4284 if ((sel1 != NULL) && (sel1->dl_qos_type == DL_QOS_CL_SEL1)) { 4285 ill->ill_flags |= ILLF_COS_ENABLED; 4286 } 4287 4288 /* Clear any previous error indication. */ 4289 ill->ill_error = 0; 4290 freemsg(mp); 4291 } 4292 4293 /* 4294 * Perform various checks to verify that an address would make sense as a 4295 * local, remote, or subnet interface address. 4296 */ 4297 static boolean_t 4298 ip_addr_ok_v4(ipaddr_t addr, ipaddr_t subnet_mask) 4299 { 4300 ipaddr_t net_mask; 4301 4302 /* 4303 * Don't allow all zeroes, or all ones, but allow 4304 * all ones netmask. 4305 */ 4306 if ((net_mask = ip_net_mask(addr)) == 0) 4307 return (B_FALSE); 4308 /* A given netmask overrides the "guess" netmask */ 4309 if (subnet_mask != 0) 4310 net_mask = subnet_mask; 4311 if ((net_mask != ~(ipaddr_t)0) && ((addr == (addr & net_mask)) || 4312 (addr == (addr | ~net_mask)))) { 4313 return (B_FALSE); 4314 } 4315 4316 /* 4317 * Even if the netmask is all ones, we do not allow address to be 4318 * 255.255.255.255 4319 */ 4320 if (addr == INADDR_BROADCAST) 4321 return (B_FALSE); 4322 4323 if (CLASSD(addr)) 4324 return (B_FALSE); 4325 4326 return (B_TRUE); 4327 } 4328 4329 #define V6_IPIF_LINKLOCAL(p) \ 4330 IN6_IS_ADDR_LINKLOCAL(&(p)->ipif_v6lcl_addr) 4331 4332 /* 4333 * Compare two given ipifs and check if the second one is better than 4334 * the first one using the order of preference (not taking deprecated 4335 * into acount) specified in ipif_lookup_multicast(). 4336 */ 4337 static boolean_t 4338 ipif_comp_multi(ipif_t *old_ipif, ipif_t *new_ipif, boolean_t isv6) 4339 { 4340 /* Check the least preferred first. */ 4341 if (IS_LOOPBACK(old_ipif->ipif_ill)) { 4342 /* If both ipifs are the same, use the first one. */ 4343 if (IS_LOOPBACK(new_ipif->ipif_ill)) 4344 return (B_FALSE); 4345 else 4346 return (B_TRUE); 4347 } 4348 4349 /* For IPv6, check for link local address. */ 4350 if (isv6 && V6_IPIF_LINKLOCAL(old_ipif)) { 4351 if (IS_LOOPBACK(new_ipif->ipif_ill) || 4352 V6_IPIF_LINKLOCAL(new_ipif)) { 4353 /* The second one is equal or less preferred. */ 4354 return (B_FALSE); 4355 } else { 4356 return (B_TRUE); 4357 } 4358 } 4359 4360 /* Then check for point to point interface. */ 4361 if (old_ipif->ipif_flags & IPIF_POINTOPOINT) { 4362 if (IS_LOOPBACK(new_ipif->ipif_ill) || 4363 (isv6 && V6_IPIF_LINKLOCAL(new_ipif)) || 4364 (new_ipif->ipif_flags & IPIF_POINTOPOINT)) { 4365 return (B_FALSE); 4366 } else { 4367 return (B_TRUE); 4368 } 4369 } 4370 4371 /* old_ipif is a normal interface, so no need to use the new one. */ 4372 return (B_FALSE); 4373 } 4374 4375 /* 4376 * Find a mulitcast-capable ipif given an IP instance and zoneid. 4377 * The ipif must be up, and its ill must multicast-capable, not 4378 * condemned, not an underlying interface in an IPMP group, and 4379 * not a VNI interface. Order of preference: 4380 * 4381 * 1a. normal 4382 * 1b. normal, but deprecated 4383 * 2a. point to point 4384 * 2b. point to point, but deprecated 4385 * 3a. link local 4386 * 3b. link local, but deprecated 4387 * 4. loopback. 4388 */ 4389 static ipif_t * 4390 ipif_lookup_multicast(ip_stack_t *ipst, zoneid_t zoneid, boolean_t isv6) 4391 { 4392 ill_t *ill; 4393 ill_walk_context_t ctx; 4394 ipif_t *ipif; 4395 ipif_t *saved_ipif = NULL; 4396 ipif_t *dep_ipif = NULL; 4397 4398 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 4399 if (isv6) 4400 ill = ILL_START_WALK_V6(&ctx, ipst); 4401 else 4402 ill = ILL_START_WALK_V4(&ctx, ipst); 4403 4404 for (; ill != NULL; ill = ill_next(&ctx, ill)) { 4405 mutex_enter(&ill->ill_lock); 4406 if (IS_VNI(ill) || IS_UNDER_IPMP(ill) || 4407 ILL_IS_CONDEMNED(ill) || 4408 !(ill->ill_flags & ILLF_MULTICAST)) { 4409 mutex_exit(&ill->ill_lock); 4410 continue; 4411 } 4412 for (ipif = ill->ill_ipif; ipif != NULL; 4413 ipif = ipif->ipif_next) { 4414 if (zoneid != ipif->ipif_zoneid && 4415 zoneid != ALL_ZONES && 4416 ipif->ipif_zoneid != ALL_ZONES) { 4417 continue; 4418 } 4419 if (!(ipif->ipif_flags & IPIF_UP) || 4420 IPIF_IS_CONDEMNED(ipif)) { 4421 continue; 4422 } 4423 4424 /* 4425 * Found one candidate. If it is deprecated, 4426 * remember it in dep_ipif. If it is not deprecated, 4427 * remember it in saved_ipif. 4428 */ 4429 if (ipif->ipif_flags & IPIF_DEPRECATED) { 4430 if (dep_ipif == NULL) { 4431 dep_ipif = ipif; 4432 } else if (ipif_comp_multi(dep_ipif, ipif, 4433 isv6)) { 4434 /* 4435 * If the previous dep_ipif does not 4436 * belong to the same ill, we've done 4437 * a ipif_refhold() on it. So we need 4438 * to release it. 4439 */ 4440 if (dep_ipif->ipif_ill != ill) 4441 ipif_refrele(dep_ipif); 4442 dep_ipif = ipif; 4443 } 4444 continue; 4445 } 4446 if (saved_ipif == NULL) { 4447 saved_ipif = ipif; 4448 } else { 4449 if (ipif_comp_multi(saved_ipif, ipif, isv6)) { 4450 if (saved_ipif->ipif_ill != ill) 4451 ipif_refrele(saved_ipif); 4452 saved_ipif = ipif; 4453 } 4454 } 4455 } 4456 /* 4457 * Before going to the next ill, do a ipif_refhold() on the 4458 * saved ones. 4459 */ 4460 if (saved_ipif != NULL && saved_ipif->ipif_ill == ill) 4461 ipif_refhold_locked(saved_ipif); 4462 if (dep_ipif != NULL && dep_ipif->ipif_ill == ill) 4463 ipif_refhold_locked(dep_ipif); 4464 mutex_exit(&ill->ill_lock); 4465 } 4466 rw_exit(&ipst->ips_ill_g_lock); 4467 4468 /* 4469 * If we have only the saved_ipif, return it. But if we have both 4470 * saved_ipif and dep_ipif, check to see which one is better. 4471 */ 4472 if (saved_ipif != NULL) { 4473 if (dep_ipif != NULL) { 4474 if (ipif_comp_multi(saved_ipif, dep_ipif, isv6)) { 4475 ipif_refrele(saved_ipif); 4476 return (dep_ipif); 4477 } else { 4478 ipif_refrele(dep_ipif); 4479 return (saved_ipif); 4480 } 4481 } 4482 return (saved_ipif); 4483 } else { 4484 return (dep_ipif); 4485 } 4486 } 4487 4488 ill_t * 4489 ill_lookup_multicast(ip_stack_t *ipst, zoneid_t zoneid, boolean_t isv6) 4490 { 4491 ipif_t *ipif; 4492 ill_t *ill; 4493 4494 ipif = ipif_lookup_multicast(ipst, zoneid, isv6); 4495 if (ipif == NULL) 4496 return (NULL); 4497 4498 ill = ipif->ipif_ill; 4499 ill_refhold(ill); 4500 ipif_refrele(ipif); 4501 return (ill); 4502 } 4503 4504 /* 4505 * This function is called when an application does not specify an interface 4506 * to be used for multicast traffic (joining a group/sending data). It 4507 * calls ire_lookup_multi() to look for an interface route for the 4508 * specified multicast group. Doing this allows the administrator to add 4509 * prefix routes for multicast to indicate which interface to be used for 4510 * multicast traffic in the above scenario. The route could be for all 4511 * multicast (224.0/4), for a single multicast group (a /32 route) or 4512 * anything in between. If there is no such multicast route, we just find 4513 * any multicast capable interface and return it. The returned ipif 4514 * is refhold'ed. 4515 * 4516 * We support MULTIRT and RTF_SETSRC on the multicast routes added to the 4517 * unicast table. This is used by CGTP. 4518 */ 4519 ill_t * 4520 ill_lookup_group_v4(ipaddr_t group, zoneid_t zoneid, ip_stack_t *ipst, 4521 boolean_t *multirtp, ipaddr_t *setsrcp) 4522 { 4523 ill_t *ill; 4524 4525 ill = ire_lookup_multi_ill_v4(group, zoneid, ipst, multirtp, setsrcp); 4526 if (ill != NULL) 4527 return (ill); 4528 4529 return (ill_lookup_multicast(ipst, zoneid, B_FALSE)); 4530 } 4531 4532 /* 4533 * Look for an ipif with the specified interface address and destination. 4534 * The destination address is used only for matching point-to-point interfaces. 4535 */ 4536 ipif_t * 4537 ipif_lookup_interface(ipaddr_t if_addr, ipaddr_t dst, ip_stack_t *ipst) 4538 { 4539 ipif_t *ipif; 4540 ill_t *ill; 4541 ill_walk_context_t ctx; 4542 4543 /* 4544 * First match all the point-to-point interfaces 4545 * before looking at non-point-to-point interfaces. 4546 * This is done to avoid returning non-point-to-point 4547 * ipif instead of unnumbered point-to-point ipif. 4548 */ 4549 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 4550 ill = ILL_START_WALK_V4(&ctx, ipst); 4551 for (; ill != NULL; ill = ill_next(&ctx, ill)) { 4552 mutex_enter(&ill->ill_lock); 4553 for (ipif = ill->ill_ipif; ipif != NULL; 4554 ipif = ipif->ipif_next) { 4555 /* Allow the ipif to be down */ 4556 if ((ipif->ipif_flags & IPIF_POINTOPOINT) && 4557 (ipif->ipif_lcl_addr == if_addr) && 4558 (ipif->ipif_pp_dst_addr == dst)) { 4559 if (!IPIF_IS_CONDEMNED(ipif)) { 4560 ipif_refhold_locked(ipif); 4561 mutex_exit(&ill->ill_lock); 4562 rw_exit(&ipst->ips_ill_g_lock); 4563 return (ipif); 4564 } 4565 } 4566 } 4567 mutex_exit(&ill->ill_lock); 4568 } 4569 rw_exit(&ipst->ips_ill_g_lock); 4570 4571 /* lookup the ipif based on interface address */ 4572 ipif = ipif_lookup_addr(if_addr, NULL, ALL_ZONES, ipst); 4573 ASSERT(ipif == NULL || !ipif->ipif_isv6); 4574 return (ipif); 4575 } 4576 4577 /* 4578 * Common function for ipif_lookup_addr() and ipif_lookup_addr_exact(). 4579 */ 4580 static ipif_t * 4581 ipif_lookup_addr_common(ipaddr_t addr, ill_t *match_ill, uint32_t match_flags, 4582 zoneid_t zoneid, ip_stack_t *ipst) 4583 { 4584 ipif_t *ipif; 4585 ill_t *ill; 4586 boolean_t ptp = B_FALSE; 4587 ill_walk_context_t ctx; 4588 boolean_t match_illgrp = (match_flags & IPIF_MATCH_ILLGRP); 4589 boolean_t no_duplicate = (match_flags & IPIF_MATCH_NONDUP); 4590 4591 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 4592 /* 4593 * Repeat twice, first based on local addresses and 4594 * next time for pointopoint. 4595 */ 4596 repeat: 4597 ill = ILL_START_WALK_V4(&ctx, ipst); 4598 for (; ill != NULL; ill = ill_next(&ctx, ill)) { 4599 if (match_ill != NULL && ill != match_ill && 4600 (!match_illgrp || !IS_IN_SAME_ILLGRP(ill, match_ill))) { 4601 continue; 4602 } 4603 mutex_enter(&ill->ill_lock); 4604 for (ipif = ill->ill_ipif; ipif != NULL; 4605 ipif = ipif->ipif_next) { 4606 if (zoneid != ALL_ZONES && 4607 zoneid != ipif->ipif_zoneid && 4608 ipif->ipif_zoneid != ALL_ZONES) 4609 continue; 4610 4611 if (no_duplicate && !(ipif->ipif_flags & IPIF_UP)) 4612 continue; 4613 4614 /* Allow the ipif to be down */ 4615 if ((!ptp && (ipif->ipif_lcl_addr == addr) && 4616 ((ipif->ipif_flags & IPIF_UNNUMBERED) == 0)) || 4617 (ptp && (ipif->ipif_flags & IPIF_POINTOPOINT) && 4618 (ipif->ipif_pp_dst_addr == addr))) { 4619 if (!IPIF_IS_CONDEMNED(ipif)) { 4620 ipif_refhold_locked(ipif); 4621 mutex_exit(&ill->ill_lock); 4622 rw_exit(&ipst->ips_ill_g_lock); 4623 return (ipif); 4624 } 4625 } 4626 } 4627 mutex_exit(&ill->ill_lock); 4628 } 4629 4630 /* If we already did the ptp case, then we are done */ 4631 if (ptp) { 4632 rw_exit(&ipst->ips_ill_g_lock); 4633 return (NULL); 4634 } 4635 ptp = B_TRUE; 4636 goto repeat; 4637 } 4638 4639 /* 4640 * Lookup an ipif with the specified address. For point-to-point links we 4641 * look for matches on either the destination address or the local address, 4642 * but we skip the local address check if IPIF_UNNUMBERED is set. If the 4643 * `match_ill' argument is non-NULL, the lookup is restricted to that ill 4644 * (or illgrp if `match_ill' is in an IPMP group). 4645 */ 4646 ipif_t * 4647 ipif_lookup_addr(ipaddr_t addr, ill_t *match_ill, zoneid_t zoneid, 4648 ip_stack_t *ipst) 4649 { 4650 return (ipif_lookup_addr_common(addr, match_ill, IPIF_MATCH_ILLGRP, 4651 zoneid, ipst)); 4652 } 4653 4654 /* 4655 * Lookup an ipif with the specified address. Similar to ipif_lookup_addr, 4656 * except that we will only return an address if it is not marked as 4657 * IPIF_DUPLICATE 4658 */ 4659 ipif_t * 4660 ipif_lookup_addr_nondup(ipaddr_t addr, ill_t *match_ill, zoneid_t zoneid, 4661 ip_stack_t *ipst) 4662 { 4663 return (ipif_lookup_addr_common(addr, match_ill, 4664 (IPIF_MATCH_ILLGRP | IPIF_MATCH_NONDUP), 4665 zoneid, ipst)); 4666 } 4667 4668 /* 4669 * Special abbreviated version of ipif_lookup_addr() that doesn't match 4670 * `match_ill' across the IPMP group. This function is only needed in some 4671 * corner-cases; almost everything should use ipif_lookup_addr(). 4672 */ 4673 ipif_t * 4674 ipif_lookup_addr_exact(ipaddr_t addr, ill_t *match_ill, ip_stack_t *ipst) 4675 { 4676 ASSERT(match_ill != NULL); 4677 return (ipif_lookup_addr_common(addr, match_ill, 0, ALL_ZONES, 4678 ipst)); 4679 } 4680 4681 /* 4682 * Look for an ipif with the specified address. For point-point links 4683 * we look for matches on either the destination address and the local 4684 * address, but we ignore the check on the local address if IPIF_UNNUMBERED 4685 * is set. 4686 * If the `match_ill' argument is non-NULL, the lookup is restricted to that 4687 * ill (or illgrp if `match_ill' is in an IPMP group). 4688 * Return the zoneid for the ipif which matches. ALL_ZONES if no match. 4689 */ 4690 zoneid_t 4691 ipif_lookup_addr_zoneid(ipaddr_t addr, ill_t *match_ill, ip_stack_t *ipst) 4692 { 4693 zoneid_t zoneid; 4694 ipif_t *ipif; 4695 ill_t *ill; 4696 boolean_t ptp = B_FALSE; 4697 ill_walk_context_t ctx; 4698 4699 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 4700 /* 4701 * Repeat twice, first based on local addresses and 4702 * next time for pointopoint. 4703 */ 4704 repeat: 4705 ill = ILL_START_WALK_V4(&ctx, ipst); 4706 for (; ill != NULL; ill = ill_next(&ctx, ill)) { 4707 if (match_ill != NULL && ill != match_ill && 4708 !IS_IN_SAME_ILLGRP(ill, match_ill)) { 4709 continue; 4710 } 4711 mutex_enter(&ill->ill_lock); 4712 for (ipif = ill->ill_ipif; ipif != NULL; 4713 ipif = ipif->ipif_next) { 4714 /* Allow the ipif to be down */ 4715 if ((!ptp && (ipif->ipif_lcl_addr == addr) && 4716 ((ipif->ipif_flags & IPIF_UNNUMBERED) == 0)) || 4717 (ptp && (ipif->ipif_flags & IPIF_POINTOPOINT) && 4718 (ipif->ipif_pp_dst_addr == addr)) && 4719 !(ipif->ipif_state_flags & IPIF_CONDEMNED)) { 4720 zoneid = ipif->ipif_zoneid; 4721 mutex_exit(&ill->ill_lock); 4722 rw_exit(&ipst->ips_ill_g_lock); 4723 /* 4724 * If ipif_zoneid was ALL_ZONES then we have 4725 * a trusted extensions shared IP address. 4726 * In that case GLOBAL_ZONEID works to send. 4727 */ 4728 if (zoneid == ALL_ZONES) 4729 zoneid = GLOBAL_ZONEID; 4730 return (zoneid); 4731 } 4732 } 4733 mutex_exit(&ill->ill_lock); 4734 } 4735 4736 /* If we already did the ptp case, then we are done */ 4737 if (ptp) { 4738 rw_exit(&ipst->ips_ill_g_lock); 4739 return (ALL_ZONES); 4740 } 4741 ptp = B_TRUE; 4742 goto repeat; 4743 } 4744 4745 /* 4746 * Look for an ipif that matches the specified remote address i.e. the 4747 * ipif that would receive the specified packet. 4748 * First look for directly connected interfaces and then do a recursive 4749 * IRE lookup and pick the first ipif corresponding to the source address in the 4750 * ire. 4751 * Returns: held ipif 4752 * 4753 * This is only used for ICMP_ADDRESS_MASK_REQUESTs 4754 */ 4755 ipif_t * 4756 ipif_lookup_remote(ill_t *ill, ipaddr_t addr, zoneid_t zoneid) 4757 { 4758 ipif_t *ipif; 4759 4760 ASSERT(!ill->ill_isv6); 4761 4762 /* 4763 * Someone could be changing this ipif currently or change it 4764 * after we return this. Thus a few packets could use the old 4765 * old values. However structure updates/creates (ire, ilg, ilm etc) 4766 * will atomically be updated or cleaned up with the new value 4767 * Thus we don't need a lock to check the flags or other attrs below. 4768 */ 4769 mutex_enter(&ill->ill_lock); 4770 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 4771 if (IPIF_IS_CONDEMNED(ipif)) 4772 continue; 4773 if (zoneid != ALL_ZONES && zoneid != ipif->ipif_zoneid && 4774 ipif->ipif_zoneid != ALL_ZONES) 4775 continue; 4776 /* Allow the ipif to be down */ 4777 if (ipif->ipif_flags & IPIF_POINTOPOINT) { 4778 if ((ipif->ipif_pp_dst_addr == addr) || 4779 (!(ipif->ipif_flags & IPIF_UNNUMBERED) && 4780 ipif->ipif_lcl_addr == addr)) { 4781 ipif_refhold_locked(ipif); 4782 mutex_exit(&ill->ill_lock); 4783 return (ipif); 4784 } 4785 } else if (ipif->ipif_subnet == (addr & ipif->ipif_net_mask)) { 4786 ipif_refhold_locked(ipif); 4787 mutex_exit(&ill->ill_lock); 4788 return (ipif); 4789 } 4790 } 4791 mutex_exit(&ill->ill_lock); 4792 /* 4793 * For a remote destination it isn't possible to nail down a particular 4794 * ipif. 4795 */ 4796 4797 /* Pick the first interface */ 4798 ipif = ipif_get_next_ipif(NULL, ill); 4799 return (ipif); 4800 } 4801 4802 /* 4803 * This func does not prevent refcnt from increasing. But if 4804 * the caller has taken steps to that effect, then this func 4805 * can be used to determine whether the ill has become quiescent 4806 */ 4807 static boolean_t 4808 ill_is_quiescent(ill_t *ill) 4809 { 4810 ipif_t *ipif; 4811 4812 ASSERT(MUTEX_HELD(&ill->ill_lock)); 4813 4814 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 4815 if (ipif->ipif_refcnt != 0) 4816 return (B_FALSE); 4817 } 4818 if (!ILL_DOWN_OK(ill) || ill->ill_refcnt != 0) { 4819 return (B_FALSE); 4820 } 4821 return (B_TRUE); 4822 } 4823 4824 boolean_t 4825 ill_is_freeable(ill_t *ill) 4826 { 4827 ipif_t *ipif; 4828 4829 ASSERT(MUTEX_HELD(&ill->ill_lock)); 4830 4831 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 4832 if (ipif->ipif_refcnt != 0) { 4833 return (B_FALSE); 4834 } 4835 } 4836 if (!ILL_FREE_OK(ill) || ill->ill_refcnt != 0) { 4837 return (B_FALSE); 4838 } 4839 return (B_TRUE); 4840 } 4841 4842 /* 4843 * This func does not prevent refcnt from increasing. But if 4844 * the caller has taken steps to that effect, then this func 4845 * can be used to determine whether the ipif has become quiescent 4846 */ 4847 static boolean_t 4848 ipif_is_quiescent(ipif_t *ipif) 4849 { 4850 ill_t *ill; 4851 4852 ASSERT(MUTEX_HELD(&ipif->ipif_ill->ill_lock)); 4853 4854 if (ipif->ipif_refcnt != 0) 4855 return (B_FALSE); 4856 4857 ill = ipif->ipif_ill; 4858 if (ill->ill_ipif_up_count != 0 || ill->ill_ipif_dup_count != 0 || 4859 ill->ill_logical_down) { 4860 return (B_TRUE); 4861 } 4862 4863 /* This is the last ipif going down or being deleted on this ill */ 4864 if (ill->ill_ire_cnt != 0 || ill->ill_refcnt != 0) { 4865 return (B_FALSE); 4866 } 4867 4868 return (B_TRUE); 4869 } 4870 4871 /* 4872 * return true if the ipif can be destroyed: the ipif has to be quiescent 4873 * with zero references from ire/ilm to it. 4874 */ 4875 static boolean_t 4876 ipif_is_freeable(ipif_t *ipif) 4877 { 4878 ASSERT(MUTEX_HELD(&ipif->ipif_ill->ill_lock)); 4879 ASSERT(ipif->ipif_id != 0); 4880 return (ipif->ipif_refcnt == 0); 4881 } 4882 4883 /* 4884 * The ipif/ill/ire has been refreled. Do the tail processing. 4885 * Determine if the ipif or ill in question has become quiescent and if so 4886 * wakeup close and/or restart any queued pending ioctl that is waiting 4887 * for the ipif_down (or ill_down) 4888 */ 4889 void 4890 ipif_ill_refrele_tail(ill_t *ill) 4891 { 4892 mblk_t *mp; 4893 conn_t *connp; 4894 ipsq_t *ipsq; 4895 ipxop_t *ipx; 4896 ipif_t *ipif; 4897 dl_notify_ind_t *dlindp; 4898 4899 ASSERT(MUTEX_HELD(&ill->ill_lock)); 4900 4901 if ((ill->ill_state_flags & ILL_CONDEMNED) && ill_is_freeable(ill)) { 4902 /* ip_modclose() may be waiting */ 4903 cv_broadcast(&ill->ill_cv); 4904 } 4905 4906 ipsq = ill->ill_phyint->phyint_ipsq; 4907 mutex_enter(&ipsq->ipsq_lock); 4908 ipx = ipsq->ipsq_xop; 4909 mutex_enter(&ipx->ipx_lock); 4910 if (ipx->ipx_waitfor == 0) /* no one's waiting; bail */ 4911 goto unlock; 4912 4913 ASSERT(ipx->ipx_pending_mp != NULL && ipx->ipx_pending_ipif != NULL); 4914 4915 ipif = ipx->ipx_pending_ipif; 4916 if (ipif->ipif_ill != ill) /* wait is for another ill; bail */ 4917 goto unlock; 4918 4919 switch (ipx->ipx_waitfor) { 4920 case IPIF_DOWN: 4921 if (!ipif_is_quiescent(ipif)) 4922 goto unlock; 4923 break; 4924 case IPIF_FREE: 4925 if (!ipif_is_freeable(ipif)) 4926 goto unlock; 4927 break; 4928 case ILL_DOWN: 4929 if (!ill_is_quiescent(ill)) 4930 goto unlock; 4931 break; 4932 case ILL_FREE: 4933 /* 4934 * ILL_FREE is only for loopback; normal ill teardown waits 4935 * synchronously in ip_modclose() without using ipx_waitfor, 4936 * handled by the cv_broadcast() at the top of this function. 4937 */ 4938 if (!ill_is_freeable(ill)) 4939 goto unlock; 4940 break; 4941 default: 4942 cmn_err(CE_PANIC, "ipsq: %p unknown ipx_waitfor %d\n", 4943 (void *)ipsq, ipx->ipx_waitfor); 4944 } 4945 4946 ill_refhold_locked(ill); /* for qwriter_ip() call below */ 4947 mutex_exit(&ipx->ipx_lock); 4948 mp = ipsq_pending_mp_get(ipsq, &connp); 4949 mutex_exit(&ipsq->ipsq_lock); 4950 mutex_exit(&ill->ill_lock); 4951 4952 ASSERT(mp != NULL); 4953 /* 4954 * NOTE: all of the qwriter_ip() calls below use CUR_OP since 4955 * we can only get here when the current operation decides it 4956 * it needs to quiesce via ipsq_pending_mp_add(). 4957 */ 4958 switch (mp->b_datap->db_type) { 4959 case M_PCPROTO: 4960 case M_PROTO: 4961 /* 4962 * For now, only DL_NOTIFY_IND messages can use this facility. 4963 */ 4964 dlindp = (dl_notify_ind_t *)mp->b_rptr; 4965 ASSERT(dlindp->dl_primitive == DL_NOTIFY_IND); 4966 4967 switch (dlindp->dl_notification) { 4968 case DL_NOTE_PHYS_ADDR: 4969 qwriter_ip(ill, ill->ill_rq, mp, 4970 ill_set_phys_addr_tail, CUR_OP, B_TRUE); 4971 return; 4972 case DL_NOTE_REPLUMB: 4973 qwriter_ip(ill, ill->ill_rq, mp, 4974 ill_replumb_tail, CUR_OP, B_TRUE); 4975 return; 4976 default: 4977 ASSERT(0); 4978 ill_refrele(ill); 4979 } 4980 break; 4981 4982 case M_ERROR: 4983 case M_HANGUP: 4984 qwriter_ip(ill, ill->ill_rq, mp, ipif_all_down_tail, CUR_OP, 4985 B_TRUE); 4986 return; 4987 4988 case M_IOCTL: 4989 case M_IOCDATA: 4990 qwriter_ip(ill, (connp != NULL ? CONNP_TO_WQ(connp) : 4991 ill->ill_wq), mp, ip_reprocess_ioctl, CUR_OP, B_TRUE); 4992 return; 4993 4994 default: 4995 cmn_err(CE_PANIC, "ipif_ill_refrele_tail mp %p " 4996 "db_type %d\n", (void *)mp, mp->b_datap->db_type); 4997 } 4998 return; 4999 unlock: 5000 mutex_exit(&ipsq->ipsq_lock); 5001 mutex_exit(&ipx->ipx_lock); 5002 mutex_exit(&ill->ill_lock); 5003 } 5004 5005 #ifdef DEBUG 5006 /* Reuse trace buffer from beginning (if reached the end) and record trace */ 5007 static void 5008 th_trace_rrecord(th_trace_t *th_trace) 5009 { 5010 tr_buf_t *tr_buf; 5011 uint_t lastref; 5012 5013 lastref = th_trace->th_trace_lastref; 5014 lastref++; 5015 if (lastref == TR_BUF_MAX) 5016 lastref = 0; 5017 th_trace->th_trace_lastref = lastref; 5018 tr_buf = &th_trace->th_trbuf[lastref]; 5019 tr_buf->tr_time = ddi_get_lbolt(); 5020 tr_buf->tr_depth = getpcstack(tr_buf->tr_stack, TR_STACK_DEPTH); 5021 } 5022 5023 static void 5024 th_trace_free(void *value) 5025 { 5026 th_trace_t *th_trace = value; 5027 5028 ASSERT(th_trace->th_refcnt == 0); 5029 kmem_free(th_trace, sizeof (*th_trace)); 5030 } 5031 5032 /* 5033 * Find or create the per-thread hash table used to track object references. 5034 * The ipst argument is NULL if we shouldn't allocate. 5035 * 5036 * Accesses per-thread data, so there's no need to lock here. 5037 */ 5038 static mod_hash_t * 5039 th_trace_gethash(ip_stack_t *ipst) 5040 { 5041 th_hash_t *thh; 5042 5043 if ((thh = tsd_get(ip_thread_data)) == NULL && ipst != NULL) { 5044 mod_hash_t *mh; 5045 char name[256]; 5046 size_t objsize, rshift; 5047 int retv; 5048 5049 if ((thh = kmem_alloc(sizeof (*thh), KM_NOSLEEP)) == NULL) 5050 return (NULL); 5051 (void) snprintf(name, sizeof (name), "th_trace_%p", 5052 (void *)curthread); 5053 5054 /* 5055 * We use mod_hash_create_extended here rather than the more 5056 * obvious mod_hash_create_ptrhash because the latter has a 5057 * hard-coded KM_SLEEP, and we'd prefer to fail rather than 5058 * block. 5059 */ 5060 objsize = MAX(MAX(sizeof (ill_t), sizeof (ipif_t)), 5061 MAX(sizeof (ire_t), sizeof (ncec_t))); 5062 rshift = highbit(objsize); 5063 mh = mod_hash_create_extended(name, 64, mod_hash_null_keydtor, 5064 th_trace_free, mod_hash_byptr, (void *)rshift, 5065 mod_hash_ptrkey_cmp, KM_NOSLEEP); 5066 if (mh == NULL) { 5067 kmem_free(thh, sizeof (*thh)); 5068 return (NULL); 5069 } 5070 thh->thh_hash = mh; 5071 thh->thh_ipst = ipst; 5072 /* 5073 * We trace ills, ipifs, ires, and nces. All of these are 5074 * per-IP-stack, so the lock on the thread list is as well. 5075 */ 5076 rw_enter(&ip_thread_rwlock, RW_WRITER); 5077 list_insert_tail(&ip_thread_list, thh); 5078 rw_exit(&ip_thread_rwlock); 5079 retv = tsd_set(ip_thread_data, thh); 5080 ASSERT(retv == 0); 5081 } 5082 return (thh != NULL ? thh->thh_hash : NULL); 5083 } 5084 5085 boolean_t 5086 th_trace_ref(const void *obj, ip_stack_t *ipst) 5087 { 5088 th_trace_t *th_trace; 5089 mod_hash_t *mh; 5090 mod_hash_val_t val; 5091 5092 if ((mh = th_trace_gethash(ipst)) == NULL) 5093 return (B_FALSE); 5094 5095 /* 5096 * Attempt to locate the trace buffer for this obj and thread. 5097 * If it does not exist, then allocate a new trace buffer and 5098 * insert into the hash. 5099 */ 5100 if (mod_hash_find(mh, (mod_hash_key_t)obj, &val) == MH_ERR_NOTFOUND) { 5101 th_trace = kmem_zalloc(sizeof (th_trace_t), KM_NOSLEEP); 5102 if (th_trace == NULL) 5103 return (B_FALSE); 5104 5105 th_trace->th_id = curthread; 5106 if (mod_hash_insert(mh, (mod_hash_key_t)obj, 5107 (mod_hash_val_t)th_trace) != 0) { 5108 kmem_free(th_trace, sizeof (th_trace_t)); 5109 return (B_FALSE); 5110 } 5111 } else { 5112 th_trace = (th_trace_t *)val; 5113 } 5114 5115 ASSERT(th_trace->th_refcnt >= 0 && 5116 th_trace->th_refcnt < TR_BUF_MAX - 1); 5117 5118 th_trace->th_refcnt++; 5119 th_trace_rrecord(th_trace); 5120 return (B_TRUE); 5121 } 5122 5123 /* 5124 * For the purpose of tracing a reference release, we assume that global 5125 * tracing is always on and that the same thread initiated the reference hold 5126 * is releasing. 5127 */ 5128 void 5129 th_trace_unref(const void *obj) 5130 { 5131 int retv; 5132 mod_hash_t *mh; 5133 th_trace_t *th_trace; 5134 mod_hash_val_t val; 5135 5136 mh = th_trace_gethash(NULL); 5137 retv = mod_hash_find(mh, (mod_hash_key_t)obj, &val); 5138 ASSERT(retv == 0); 5139 th_trace = (th_trace_t *)val; 5140 5141 ASSERT(th_trace->th_refcnt > 0); 5142 th_trace->th_refcnt--; 5143 th_trace_rrecord(th_trace); 5144 } 5145 5146 /* 5147 * If tracing has been disabled, then we assume that the reference counts are 5148 * now useless, and we clear them out before destroying the entries. 5149 */ 5150 void 5151 th_trace_cleanup(const void *obj, boolean_t trace_disable) 5152 { 5153 th_hash_t *thh; 5154 mod_hash_t *mh; 5155 mod_hash_val_t val; 5156 th_trace_t *th_trace; 5157 int retv; 5158 5159 rw_enter(&ip_thread_rwlock, RW_READER); 5160 for (thh = list_head(&ip_thread_list); thh != NULL; 5161 thh = list_next(&ip_thread_list, thh)) { 5162 if (mod_hash_find(mh = thh->thh_hash, (mod_hash_key_t)obj, 5163 &val) == 0) { 5164 th_trace = (th_trace_t *)val; 5165 if (trace_disable) 5166 th_trace->th_refcnt = 0; 5167 retv = mod_hash_destroy(mh, (mod_hash_key_t)obj); 5168 ASSERT(retv == 0); 5169 } 5170 } 5171 rw_exit(&ip_thread_rwlock); 5172 } 5173 5174 void 5175 ipif_trace_ref(ipif_t *ipif) 5176 { 5177 ASSERT(MUTEX_HELD(&ipif->ipif_ill->ill_lock)); 5178 5179 if (ipif->ipif_trace_disable) 5180 return; 5181 5182 if (!th_trace_ref(ipif, ipif->ipif_ill->ill_ipst)) { 5183 ipif->ipif_trace_disable = B_TRUE; 5184 ipif_trace_cleanup(ipif); 5185 } 5186 } 5187 5188 void 5189 ipif_untrace_ref(ipif_t *ipif) 5190 { 5191 ASSERT(MUTEX_HELD(&ipif->ipif_ill->ill_lock)); 5192 5193 if (!ipif->ipif_trace_disable) 5194 th_trace_unref(ipif); 5195 } 5196 5197 void 5198 ill_trace_ref(ill_t *ill) 5199 { 5200 ASSERT(MUTEX_HELD(&ill->ill_lock)); 5201 5202 if (ill->ill_trace_disable) 5203 return; 5204 5205 if (!th_trace_ref(ill, ill->ill_ipst)) { 5206 ill->ill_trace_disable = B_TRUE; 5207 ill_trace_cleanup(ill); 5208 } 5209 } 5210 5211 void 5212 ill_untrace_ref(ill_t *ill) 5213 { 5214 ASSERT(MUTEX_HELD(&ill->ill_lock)); 5215 5216 if (!ill->ill_trace_disable) 5217 th_trace_unref(ill); 5218 } 5219 5220 /* 5221 * Called when ipif is unplumbed or when memory alloc fails. Note that on 5222 * failure, ipif_trace_disable is set. 5223 */ 5224 static void 5225 ipif_trace_cleanup(const ipif_t *ipif) 5226 { 5227 th_trace_cleanup(ipif, ipif->ipif_trace_disable); 5228 } 5229 5230 /* 5231 * Called when ill is unplumbed or when memory alloc fails. Note that on 5232 * failure, ill_trace_disable is set. 5233 */ 5234 static void 5235 ill_trace_cleanup(const ill_t *ill) 5236 { 5237 th_trace_cleanup(ill, ill->ill_trace_disable); 5238 } 5239 #endif /* DEBUG */ 5240 5241 void 5242 ipif_refhold_locked(ipif_t *ipif) 5243 { 5244 ASSERT(MUTEX_HELD(&ipif->ipif_ill->ill_lock)); 5245 ipif->ipif_refcnt++; 5246 IPIF_TRACE_REF(ipif); 5247 } 5248 5249 void 5250 ipif_refhold(ipif_t *ipif) 5251 { 5252 ill_t *ill; 5253 5254 ill = ipif->ipif_ill; 5255 mutex_enter(&ill->ill_lock); 5256 ipif->ipif_refcnt++; 5257 IPIF_TRACE_REF(ipif); 5258 mutex_exit(&ill->ill_lock); 5259 } 5260 5261 /* 5262 * Must not be called while holding any locks. Otherwise if this is 5263 * the last reference to be released there is a chance of recursive mutex 5264 * panic due to ipif_refrele -> ipif_ill_refrele_tail -> qwriter_ip trying 5265 * to restart an ioctl. 5266 */ 5267 void 5268 ipif_refrele(ipif_t *ipif) 5269 { 5270 ill_t *ill; 5271 5272 ill = ipif->ipif_ill; 5273 5274 mutex_enter(&ill->ill_lock); 5275 ASSERT(ipif->ipif_refcnt != 0); 5276 ipif->ipif_refcnt--; 5277 IPIF_UNTRACE_REF(ipif); 5278 if (ipif->ipif_refcnt != 0) { 5279 mutex_exit(&ill->ill_lock); 5280 return; 5281 } 5282 5283 /* Drops the ill_lock */ 5284 ipif_ill_refrele_tail(ill); 5285 } 5286 5287 ipif_t * 5288 ipif_get_next_ipif(ipif_t *curr, ill_t *ill) 5289 { 5290 ipif_t *ipif; 5291 5292 mutex_enter(&ill->ill_lock); 5293 for (ipif = (curr == NULL ? ill->ill_ipif : curr->ipif_next); 5294 ipif != NULL; ipif = ipif->ipif_next) { 5295 if (IPIF_IS_CONDEMNED(ipif)) 5296 continue; 5297 ipif_refhold_locked(ipif); 5298 mutex_exit(&ill->ill_lock); 5299 return (ipif); 5300 } 5301 mutex_exit(&ill->ill_lock); 5302 return (NULL); 5303 } 5304 5305 /* 5306 * TODO: make this table extendible at run time 5307 * Return a pointer to the mac type info for 'mac_type' 5308 */ 5309 static ip_m_t * 5310 ip_m_lookup(t_uscalar_t mac_type) 5311 { 5312 ip_m_t *ipm; 5313 5314 for (ipm = ip_m_tbl; ipm < A_END(ip_m_tbl); ipm++) 5315 if (ipm->ip_m_mac_type == mac_type) 5316 return (ipm); 5317 return (NULL); 5318 } 5319 5320 /* 5321 * Make a link layer address from the multicast IP address *addr. 5322 * To form the link layer address, invoke the ip_m_v*mapping function 5323 * associated with the link-layer type. 5324 */ 5325 void 5326 ip_mcast_mapping(ill_t *ill, uchar_t *addr, uchar_t *hwaddr) 5327 { 5328 ip_m_t *ipm; 5329 5330 if (ill->ill_net_type == IRE_IF_NORESOLVER) 5331 return; 5332 5333 ASSERT(addr != NULL); 5334 5335 ipm = ip_m_lookup(ill->ill_mactype); 5336 if (ipm == NULL || 5337 (ill->ill_isv6 && ipm->ip_m_v6mapping == NULL) || 5338 (!ill->ill_isv6 && ipm->ip_m_v4mapping == NULL)) { 5339 ip0dbg(("no mapping for ill %s mactype 0x%x\n", 5340 ill->ill_name, ill->ill_mactype)); 5341 return; 5342 } 5343 if (ill->ill_isv6) 5344 (*ipm->ip_m_v6mapping)(ill, addr, hwaddr); 5345 else 5346 (*ipm->ip_m_v4mapping)(ill, addr, hwaddr); 5347 } 5348 5349 /* 5350 * Returns B_FALSE if the IPv4 netmask pointed by `mask' is non-contiguous. 5351 * Otherwise returns B_TRUE. 5352 * 5353 * The netmask can be verified to be contiguous with 32 shifts and or 5354 * operations. Take the contiguous mask (in host byte order) and compute 5355 * mask | mask << 1 | mask << 2 | ... | mask << 31 5356 * the result will be the same as the 'mask' for contiguous mask. 5357 */ 5358 static boolean_t 5359 ip_contiguous_mask(uint32_t mask) 5360 { 5361 uint32_t m = mask; 5362 int i; 5363 5364 for (i = 1; i < 32; i++) 5365 m |= (mask << i); 5366 5367 return (m == mask); 5368 } 5369 5370 /* 5371 * ip_rt_add is called to add an IPv4 route to the forwarding table. 5372 * ill is passed in to associate it with the correct interface. 5373 * If ire_arg is set, then we return the held IRE in that location. 5374 */ 5375 int 5376 ip_rt_add(ipaddr_t dst_addr, ipaddr_t mask, ipaddr_t gw_addr, 5377 ipaddr_t src_addr, int flags, ill_t *ill, ire_t **ire_arg, 5378 boolean_t ioctl_msg, struct rtsa_s *sp, ip_stack_t *ipst, zoneid_t zoneid) 5379 { 5380 ire_t *ire, *nire; 5381 ire_t *gw_ire = NULL; 5382 ipif_t *ipif = NULL; 5383 uint_t type; 5384 int match_flags = MATCH_IRE_TYPE; 5385 tsol_gc_t *gc = NULL; 5386 tsol_gcgrp_t *gcgrp = NULL; 5387 boolean_t gcgrp_xtraref = B_FALSE; 5388 boolean_t cgtp_broadcast; 5389 boolean_t unbound = B_FALSE; 5390 5391 ip1dbg(("ip_rt_add:")); 5392 5393 if (ire_arg != NULL) 5394 *ire_arg = NULL; 5395 5396 /* disallow non-contiguous netmasks */ 5397 if (!ip_contiguous_mask(ntohl(mask))) 5398 return (ENOTSUP); 5399 5400 /* 5401 * If this is the case of RTF_HOST being set, then we set the netmask 5402 * to all ones (regardless if one was supplied). 5403 */ 5404 if (flags & RTF_HOST) 5405 mask = IP_HOST_MASK; 5406 5407 /* 5408 * Prevent routes with a zero gateway from being created (since 5409 * interfaces can currently be plumbed and brought up no assigned 5410 * address). 5411 */ 5412 if (gw_addr == 0) 5413 return (ENETUNREACH); 5414 /* 5415 * Get the ipif, if any, corresponding to the gw_addr 5416 * If -ifp was specified we restrict ourselves to the ill, otherwise 5417 * we match on the gatway and destination to handle unnumbered pt-pt 5418 * interfaces. 5419 */ 5420 if (ill != NULL) 5421 ipif = ipif_lookup_addr(gw_addr, ill, ALL_ZONES, ipst); 5422 else 5423 ipif = ipif_lookup_interface(gw_addr, dst_addr, ipst); 5424 if (ipif != NULL) { 5425 if (IS_VNI(ipif->ipif_ill)) { 5426 ipif_refrele(ipif); 5427 return (EINVAL); 5428 } 5429 } 5430 5431 /* 5432 * GateD will attempt to create routes with a loopback interface 5433 * address as the gateway and with RTF_GATEWAY set. We allow 5434 * these routes to be added, but create them as interface routes 5435 * since the gateway is an interface address. 5436 */ 5437 if ((ipif != NULL) && (ipif->ipif_ire_type == IRE_LOOPBACK)) { 5438 flags &= ~RTF_GATEWAY; 5439 if (gw_addr == INADDR_LOOPBACK && dst_addr == INADDR_LOOPBACK && 5440 mask == IP_HOST_MASK) { 5441 ire = ire_ftable_lookup_v4(dst_addr, 0, 0, IRE_LOOPBACK, 5442 NULL, ALL_ZONES, NULL, MATCH_IRE_TYPE, 0, ipst, 5443 NULL); 5444 if (ire != NULL) { 5445 ire_refrele(ire); 5446 ipif_refrele(ipif); 5447 return (EEXIST); 5448 } 5449 ip1dbg(("ip_rt_add: 0x%p creating IRE 0x%x" 5450 "for 0x%x\n", (void *)ipif, 5451 ipif->ipif_ire_type, 5452 ntohl(ipif->ipif_lcl_addr))); 5453 ire = ire_create( 5454 (uchar_t *)&dst_addr, /* dest address */ 5455 (uchar_t *)&mask, /* mask */ 5456 NULL, /* no gateway */ 5457 ipif->ipif_ire_type, /* LOOPBACK */ 5458 ipif->ipif_ill, 5459 zoneid, 5460 (ipif->ipif_flags & IPIF_PRIVATE) ? RTF_PRIVATE : 0, 5461 NULL, 5462 ipst); 5463 5464 if (ire == NULL) { 5465 ipif_refrele(ipif); 5466 return (ENOMEM); 5467 } 5468 /* src address assigned by the caller? */ 5469 if ((src_addr != INADDR_ANY) && (flags & RTF_SETSRC)) 5470 ire->ire_setsrc_addr = src_addr; 5471 5472 nire = ire_add(ire); 5473 if (nire == NULL) { 5474 /* 5475 * In the result of failure, ire_add() will have 5476 * already deleted the ire in question, so there 5477 * is no need to do that here. 5478 */ 5479 ipif_refrele(ipif); 5480 return (ENOMEM); 5481 } 5482 /* 5483 * Check if it was a duplicate entry. This handles 5484 * the case of two racing route adds for the same route 5485 */ 5486 if (nire != ire) { 5487 ASSERT(nire->ire_identical_ref > 1); 5488 ire_delete(nire); 5489 ire_refrele(nire); 5490 ipif_refrele(ipif); 5491 return (EEXIST); 5492 } 5493 ire = nire; 5494 goto save_ire; 5495 } 5496 } 5497 5498 /* 5499 * The routes for multicast with CGTP are quite special in that 5500 * the gateway is the local interface address, yet RTF_GATEWAY 5501 * is set. We turn off RTF_GATEWAY to provide compatibility with 5502 * this undocumented and unusual use of multicast routes. 5503 */ 5504 if ((flags & RTF_MULTIRT) && ipif != NULL) 5505 flags &= ~RTF_GATEWAY; 5506 5507 /* 5508 * Traditionally, interface routes are ones where RTF_GATEWAY isn't set 5509 * and the gateway address provided is one of the system's interface 5510 * addresses. By using the routing socket interface and supplying an 5511 * RTA_IFP sockaddr with an interface index, an alternate method of 5512 * specifying an interface route to be created is available which uses 5513 * the interface index that specifies the outgoing interface rather than 5514 * the address of an outgoing interface (which may not be able to 5515 * uniquely identify an interface). When coupled with the RTF_GATEWAY 5516 * flag, routes can be specified which not only specify the next-hop to 5517 * be used when routing to a certain prefix, but also which outgoing 5518 * interface should be used. 5519 * 5520 * Previously, interfaces would have unique addresses assigned to them 5521 * and so the address assigned to a particular interface could be used 5522 * to identify a particular interface. One exception to this was the 5523 * case of an unnumbered interface (where IPIF_UNNUMBERED was set). 5524 * 5525 * With the advent of IPv6 and its link-local addresses, this 5526 * restriction was relaxed and interfaces could share addresses between 5527 * themselves. In fact, typically all of the link-local interfaces on 5528 * an IPv6 node or router will have the same link-local address. In 5529 * order to differentiate between these interfaces, the use of an 5530 * interface index is necessary and this index can be carried inside a 5531 * RTA_IFP sockaddr (which is actually a sockaddr_dl). One restriction 5532 * of using the interface index, however, is that all of the ipif's that 5533 * are part of an ill have the same index and so the RTA_IFP sockaddr 5534 * cannot be used to differentiate between ipif's (or logical 5535 * interfaces) that belong to the same ill (physical interface). 5536 * 5537 * For example, in the following case involving IPv4 interfaces and 5538 * logical interfaces 5539 * 5540 * 192.0.2.32 255.255.255.224 192.0.2.33 U if0 5541 * 192.0.2.32 255.255.255.224 192.0.2.34 U if0 5542 * 192.0.2.32 255.255.255.224 192.0.2.35 U if0 5543 * 5544 * the ipif's corresponding to each of these interface routes can be 5545 * uniquely identified by the "gateway" (actually interface address). 5546 * 5547 * In this case involving multiple IPv6 default routes to a particular 5548 * link-local gateway, the use of RTA_IFP is necessary to specify which 5549 * default route is of interest: 5550 * 5551 * default fe80::123:4567:89ab:cdef U if0 5552 * default fe80::123:4567:89ab:cdef U if1 5553 */ 5554 5555 /* RTF_GATEWAY not set */ 5556 if (!(flags & RTF_GATEWAY)) { 5557 if (sp != NULL) { 5558 ip2dbg(("ip_rt_add: gateway security attributes " 5559 "cannot be set with interface route\n")); 5560 if (ipif != NULL) 5561 ipif_refrele(ipif); 5562 return (EINVAL); 5563 } 5564 5565 /* 5566 * Whether or not ill (RTA_IFP) is set, we require that 5567 * the gateway is one of our local addresses. 5568 */ 5569 if (ipif == NULL) 5570 return (ENETUNREACH); 5571 5572 /* 5573 * We use MATCH_IRE_ILL here. If the caller specified an 5574 * interface (from the RTA_IFP sockaddr) we use it, otherwise 5575 * we use the ill derived from the gateway address. 5576 * We can always match the gateway address since we record it 5577 * in ire_gateway_addr. 5578 * We don't allow RTA_IFP to specify a different ill than the 5579 * one matching the ipif to make sure we can delete the route. 5580 */ 5581 match_flags |= MATCH_IRE_GW | MATCH_IRE_ILL; 5582 if (ill == NULL) { 5583 ill = ipif->ipif_ill; 5584 } else if (ill != ipif->ipif_ill) { 5585 ipif_refrele(ipif); 5586 return (EINVAL); 5587 } 5588 5589 /* 5590 * We check for an existing entry at this point. 5591 * 5592 * Since a netmask isn't passed in via the ioctl interface 5593 * (SIOCADDRT), we don't check for a matching netmask in that 5594 * case. 5595 */ 5596 if (!ioctl_msg) 5597 match_flags |= MATCH_IRE_MASK; 5598 ire = ire_ftable_lookup_v4(dst_addr, mask, gw_addr, 5599 IRE_INTERFACE, ill, ALL_ZONES, NULL, match_flags, 0, ipst, 5600 NULL); 5601 if (ire != NULL) { 5602 ire_refrele(ire); 5603 ipif_refrele(ipif); 5604 return (EEXIST); 5605 } 5606 5607 /* 5608 * Some software (for example, GateD and Sun Cluster) attempts 5609 * to create (what amount to) IRE_PREFIX routes with the 5610 * loopback address as the gateway. This is primarily done to 5611 * set up prefixes with the RTF_REJECT flag set (for example, 5612 * when generating aggregate routes.) 5613 * 5614 * If the IRE type (as defined by ill->ill_net_type) would be 5615 * IRE_LOOPBACK, then we map the request into a 5616 * IRE_IF_NORESOLVER. We also OR in the RTF_BLACKHOLE flag as 5617 * these interface routes, by definition, can only be that. 5618 * 5619 * Needless to say, the real IRE_LOOPBACK is NOT created by this 5620 * routine, but rather using ire_create() directly. 5621 * 5622 */ 5623 type = ill->ill_net_type; 5624 if (type == IRE_LOOPBACK) { 5625 type = IRE_IF_NORESOLVER; 5626 flags |= RTF_BLACKHOLE; 5627 } 5628 5629 /* 5630 * Create a copy of the IRE_IF_NORESOLVER or 5631 * IRE_IF_RESOLVER with the modified address, netmask, and 5632 * gateway. 5633 */ 5634 ire = ire_create( 5635 (uchar_t *)&dst_addr, 5636 (uint8_t *)&mask, 5637 (uint8_t *)&gw_addr, 5638 type, 5639 ill, 5640 zoneid, 5641 flags, 5642 NULL, 5643 ipst); 5644 if (ire == NULL) { 5645 ipif_refrele(ipif); 5646 return (ENOMEM); 5647 } 5648 5649 /* src address assigned by the caller? */ 5650 if ((src_addr != INADDR_ANY) && (flags & RTF_SETSRC)) 5651 ire->ire_setsrc_addr = src_addr; 5652 5653 nire = ire_add(ire); 5654 if (nire == NULL) { 5655 /* 5656 * In the result of failure, ire_add() will have 5657 * already deleted the ire in question, so there 5658 * is no need to do that here. 5659 */ 5660 ipif_refrele(ipif); 5661 return (ENOMEM); 5662 } 5663 /* 5664 * Check if it was a duplicate entry. This handles 5665 * the case of two racing route adds for the same route 5666 */ 5667 if (nire != ire) { 5668 ire_delete(nire); 5669 ire_refrele(nire); 5670 ipif_refrele(ipif); 5671 return (EEXIST); 5672 } 5673 ire = nire; 5674 goto save_ire; 5675 } 5676 5677 /* 5678 * Get an interface IRE for the specified gateway. 5679 * If we don't have an IRE_IF_NORESOLVER or IRE_IF_RESOLVER for the 5680 * gateway, it is currently unreachable and we fail the request 5681 * accordingly. We reject any RTF_GATEWAY routes where the gateway 5682 * is an IRE_LOCAL or IRE_LOOPBACK. 5683 * If RTA_IFP was specified we look on that particular ill. 5684 */ 5685 if (ill != NULL) 5686 match_flags |= MATCH_IRE_ILL; 5687 5688 /* Check whether the gateway is reachable. */ 5689 again: 5690 type = IRE_INTERFACE | IRE_LOCAL | IRE_LOOPBACK; 5691 if (flags & RTF_INDIRECT) 5692 type |= IRE_OFFLINK; 5693 5694 gw_ire = ire_ftable_lookup_v4(gw_addr, 0, 0, type, ill, 5695 ALL_ZONES, NULL, match_flags, 0, ipst, NULL); 5696 if (gw_ire == NULL) { 5697 /* 5698 * With IPMP, we allow host routes to influence in.mpathd's 5699 * target selection. However, if the test addresses are on 5700 * their own network, the above lookup will fail since the 5701 * underlying IRE_INTERFACEs are marked hidden. So allow 5702 * hidden test IREs to be found and try again. 5703 */ 5704 if (!(match_flags & MATCH_IRE_TESTHIDDEN)) { 5705 match_flags |= MATCH_IRE_TESTHIDDEN; 5706 goto again; 5707 } 5708 if (ipif != NULL) 5709 ipif_refrele(ipif); 5710 return (ENETUNREACH); 5711 } 5712 if (gw_ire->ire_type & (IRE_LOCAL|IRE_LOOPBACK)) { 5713 ire_refrele(gw_ire); 5714 if (ipif != NULL) 5715 ipif_refrele(ipif); 5716 return (ENETUNREACH); 5717 } 5718 5719 if (ill == NULL && !(flags & RTF_INDIRECT)) { 5720 unbound = B_TRUE; 5721 if (ipst->ips_ip_strict_src_multihoming > 0) 5722 ill = gw_ire->ire_ill; 5723 } 5724 5725 /* 5726 * We create one of three types of IREs as a result of this request 5727 * based on the netmask. A netmask of all ones (which is automatically 5728 * assumed when RTF_HOST is set) results in an IRE_HOST being created. 5729 * An all zeroes netmask implies a default route so an IRE_DEFAULT is 5730 * created. Otherwise, an IRE_PREFIX route is created for the 5731 * destination prefix. 5732 */ 5733 if (mask == IP_HOST_MASK) 5734 type = IRE_HOST; 5735 else if (mask == 0) 5736 type = IRE_DEFAULT; 5737 else 5738 type = IRE_PREFIX; 5739 5740 /* check for a duplicate entry */ 5741 ire = ire_ftable_lookup_v4(dst_addr, mask, gw_addr, type, ill, 5742 ALL_ZONES, NULL, match_flags | MATCH_IRE_MASK | MATCH_IRE_GW, 5743 0, ipst, NULL); 5744 if (ire != NULL) { 5745 if (ipif != NULL) 5746 ipif_refrele(ipif); 5747 ire_refrele(gw_ire); 5748 ire_refrele(ire); 5749 return (EEXIST); 5750 } 5751 5752 /* Security attribute exists */ 5753 if (sp != NULL) { 5754 tsol_gcgrp_addr_t ga; 5755 5756 /* find or create the gateway credentials group */ 5757 ga.ga_af = AF_INET; 5758 IN6_IPADDR_TO_V4MAPPED(gw_addr, &ga.ga_addr); 5759 5760 /* we hold reference to it upon success */ 5761 gcgrp = gcgrp_lookup(&ga, B_TRUE); 5762 if (gcgrp == NULL) { 5763 if (ipif != NULL) 5764 ipif_refrele(ipif); 5765 ire_refrele(gw_ire); 5766 return (ENOMEM); 5767 } 5768 5769 /* 5770 * Create and add the security attribute to the group; a 5771 * reference to the group is made upon allocating a new 5772 * entry successfully. If it finds an already-existing 5773 * entry for the security attribute in the group, it simply 5774 * returns it and no new reference is made to the group. 5775 */ 5776 gc = gc_create(sp, gcgrp, &gcgrp_xtraref); 5777 if (gc == NULL) { 5778 if (ipif != NULL) 5779 ipif_refrele(ipif); 5780 /* release reference held by gcgrp_lookup */ 5781 GCGRP_REFRELE(gcgrp); 5782 ire_refrele(gw_ire); 5783 return (ENOMEM); 5784 } 5785 } 5786 5787 /* Create the IRE. */ 5788 ire = ire_create( 5789 (uchar_t *)&dst_addr, /* dest address */ 5790 (uchar_t *)&mask, /* mask */ 5791 (uchar_t *)&gw_addr, /* gateway address */ 5792 (ushort_t)type, /* IRE type */ 5793 ill, 5794 zoneid, 5795 flags, 5796 gc, /* security attribute */ 5797 ipst); 5798 5799 /* 5800 * The ire holds a reference to the 'gc' and the 'gc' holds a 5801 * reference to the 'gcgrp'. We can now release the extra reference 5802 * the 'gcgrp' acquired in the gcgrp_lookup, if it was not used. 5803 */ 5804 if (gcgrp_xtraref) 5805 GCGRP_REFRELE(gcgrp); 5806 if (ire == NULL) { 5807 if (gc != NULL) 5808 GC_REFRELE(gc); 5809 if (ipif != NULL) 5810 ipif_refrele(ipif); 5811 ire_refrele(gw_ire); 5812 return (ENOMEM); 5813 } 5814 5815 /* Before we add, check if an extra CGTP broadcast is needed */ 5816 cgtp_broadcast = ((flags & RTF_MULTIRT) && 5817 ip_type_v4(ire->ire_addr, ipst) == IRE_BROADCAST); 5818 5819 /* src address assigned by the caller? */ 5820 if ((src_addr != INADDR_ANY) && (flags & RTF_SETSRC)) 5821 ire->ire_setsrc_addr = src_addr; 5822 5823 ire->ire_unbound = unbound; 5824 5825 /* 5826 * POLICY: should we allow an RTF_HOST with address INADDR_ANY? 5827 * SUN/OS socket stuff does but do we really want to allow 0.0.0.0? 5828 */ 5829 5830 /* Add the new IRE. */ 5831 nire = ire_add(ire); 5832 if (nire == NULL) { 5833 /* 5834 * In the result of failure, ire_add() will have 5835 * already deleted the ire in question, so there 5836 * is no need to do that here. 5837 */ 5838 if (ipif != NULL) 5839 ipif_refrele(ipif); 5840 ire_refrele(gw_ire); 5841 return (ENOMEM); 5842 } 5843 /* 5844 * Check if it was a duplicate entry. This handles 5845 * the case of two racing route adds for the same route 5846 */ 5847 if (nire != ire) { 5848 ire_delete(nire); 5849 ire_refrele(nire); 5850 if (ipif != NULL) 5851 ipif_refrele(ipif); 5852 ire_refrele(gw_ire); 5853 return (EEXIST); 5854 } 5855 ire = nire; 5856 5857 if (flags & RTF_MULTIRT) { 5858 /* 5859 * Invoke the CGTP (multirouting) filtering module 5860 * to add the dst address in the filtering database. 5861 * Replicated inbound packets coming from that address 5862 * will be filtered to discard the duplicates. 5863 * It is not necessary to call the CGTP filter hook 5864 * when the dst address is a broadcast or multicast, 5865 * because an IP source address cannot be a broadcast 5866 * or a multicast. 5867 */ 5868 if (cgtp_broadcast) { 5869 ip_cgtp_bcast_add(ire, ipst); 5870 goto save_ire; 5871 } 5872 if (ipst->ips_ip_cgtp_filter_ops != NULL && 5873 !CLASSD(ire->ire_addr)) { 5874 int res; 5875 ipif_t *src_ipif; 5876 5877 /* Find the source address corresponding to gw_ire */ 5878 src_ipif = ipif_lookup_addr(gw_ire->ire_gateway_addr, 5879 NULL, zoneid, ipst); 5880 if (src_ipif != NULL) { 5881 res = ipst->ips_ip_cgtp_filter_ops-> 5882 cfo_add_dest_v4( 5883 ipst->ips_netstack->netstack_stackid, 5884 ire->ire_addr, 5885 ire->ire_gateway_addr, 5886 ire->ire_setsrc_addr, 5887 src_ipif->ipif_lcl_addr); 5888 ipif_refrele(src_ipif); 5889 } else { 5890 res = EADDRNOTAVAIL; 5891 } 5892 if (res != 0) { 5893 if (ipif != NULL) 5894 ipif_refrele(ipif); 5895 ire_refrele(gw_ire); 5896 ire_delete(ire); 5897 ire_refrele(ire); /* Held in ire_add */ 5898 return (res); 5899 } 5900 } 5901 } 5902 5903 save_ire: 5904 if (gw_ire != NULL) { 5905 ire_refrele(gw_ire); 5906 gw_ire = NULL; 5907 } 5908 if (ill != NULL) { 5909 /* 5910 * Save enough information so that we can recreate the IRE if 5911 * the interface goes down and then up. The metrics associated 5912 * with the route will be saved as well when rts_setmetrics() is 5913 * called after the IRE has been created. In the case where 5914 * memory cannot be allocated, none of this information will be 5915 * saved. 5916 */ 5917 ill_save_ire(ill, ire); 5918 } 5919 if (ioctl_msg) 5920 ip_rts_rtmsg(RTM_OLDADD, ire, 0, ipst); 5921 if (ire_arg != NULL) { 5922 /* 5923 * Store the ire that was successfully added into where ire_arg 5924 * points to so that callers don't have to look it up 5925 * themselves (but they are responsible for ire_refrele()ing 5926 * the ire when they are finished with it). 5927 */ 5928 *ire_arg = ire; 5929 } else { 5930 ire_refrele(ire); /* Held in ire_add */ 5931 } 5932 if (ipif != NULL) 5933 ipif_refrele(ipif); 5934 return (0); 5935 } 5936 5937 /* 5938 * ip_rt_delete is called to delete an IPv4 route. 5939 * ill is passed in to associate it with the correct interface. 5940 */ 5941 /* ARGSUSED4 */ 5942 int 5943 ip_rt_delete(ipaddr_t dst_addr, ipaddr_t mask, ipaddr_t gw_addr, 5944 uint_t rtm_addrs, int flags, ill_t *ill, boolean_t ioctl_msg, 5945 ip_stack_t *ipst, zoneid_t zoneid) 5946 { 5947 ire_t *ire = NULL; 5948 ipif_t *ipif; 5949 uint_t type; 5950 uint_t match_flags = MATCH_IRE_TYPE; 5951 int err = 0; 5952 5953 ip1dbg(("ip_rt_delete:")); 5954 /* 5955 * If this is the case of RTF_HOST being set, then we set the netmask 5956 * to all ones. Otherwise, we use the netmask if one was supplied. 5957 */ 5958 if (flags & RTF_HOST) { 5959 mask = IP_HOST_MASK; 5960 match_flags |= MATCH_IRE_MASK; 5961 } else if (rtm_addrs & RTA_NETMASK) { 5962 match_flags |= MATCH_IRE_MASK; 5963 } 5964 5965 /* 5966 * Note that RTF_GATEWAY is never set on a delete, therefore 5967 * we check if the gateway address is one of our interfaces first, 5968 * and fall back on RTF_GATEWAY routes. 5969 * 5970 * This makes it possible to delete an original 5971 * IRE_IF_NORESOLVER/IRE_IF_RESOLVER - consistent with SunOS 4.1. 5972 * However, we have RTF_KERNEL set on the ones created by ipif_up 5973 * and those can not be deleted here. 5974 * 5975 * We use MATCH_IRE_ILL if we know the interface. If the caller 5976 * specified an interface (from the RTA_IFP sockaddr) we use it, 5977 * otherwise we use the ill derived from the gateway address. 5978 * We can always match the gateway address since we record it 5979 * in ire_gateway_addr. 5980 * 5981 * For more detail on specifying routes by gateway address and by 5982 * interface index, see the comments in ip_rt_add(). 5983 */ 5984 ipif = ipif_lookup_interface(gw_addr, dst_addr, ipst); 5985 if (ipif != NULL) { 5986 ill_t *ill_match; 5987 5988 if (ill != NULL) 5989 ill_match = ill; 5990 else 5991 ill_match = ipif->ipif_ill; 5992 5993 match_flags |= MATCH_IRE_ILL; 5994 if (ipif->ipif_ire_type == IRE_LOOPBACK) { 5995 ire = ire_ftable_lookup_v4(dst_addr, mask, 0, 5996 IRE_LOOPBACK, ill_match, ALL_ZONES, NULL, 5997 match_flags, 0, ipst, NULL); 5998 } 5999 if (ire == NULL) { 6000 match_flags |= MATCH_IRE_GW; 6001 ire = ire_ftable_lookup_v4(dst_addr, mask, gw_addr, 6002 IRE_INTERFACE, ill_match, ALL_ZONES, NULL, 6003 match_flags, 0, ipst, NULL); 6004 } 6005 /* Avoid deleting routes created by kernel from an ipif */ 6006 if (ire != NULL && (ire->ire_flags & RTF_KERNEL)) { 6007 ire_refrele(ire); 6008 ire = NULL; 6009 } 6010 6011 /* Restore in case we didn't find a match */ 6012 match_flags &= ~(MATCH_IRE_GW|MATCH_IRE_ILL); 6013 } 6014 6015 if (ire == NULL) { 6016 /* 6017 * At this point, the gateway address is not one of our own 6018 * addresses or a matching interface route was not found. We 6019 * set the IRE type to lookup based on whether 6020 * this is a host route, a default route or just a prefix. 6021 * 6022 * If an ill was passed in, then the lookup is based on an 6023 * interface index so MATCH_IRE_ILL is added to match_flags. 6024 */ 6025 match_flags |= MATCH_IRE_GW; 6026 if (ill != NULL) 6027 match_flags |= MATCH_IRE_ILL; 6028 if (mask == IP_HOST_MASK) 6029 type = IRE_HOST; 6030 else if (mask == 0) 6031 type = IRE_DEFAULT; 6032 else 6033 type = IRE_PREFIX; 6034 ire = ire_ftable_lookup_v4(dst_addr, mask, gw_addr, type, ill, 6035 ALL_ZONES, NULL, match_flags, 0, ipst, NULL); 6036 } 6037 6038 if (ipif != NULL) { 6039 ipif_refrele(ipif); 6040 ipif = NULL; 6041 } 6042 6043 if (ire == NULL) 6044 return (ESRCH); 6045 6046 if (ire->ire_flags & RTF_MULTIRT) { 6047 /* 6048 * Invoke the CGTP (multirouting) filtering module 6049 * to remove the dst address from the filtering database. 6050 * Packets coming from that address will no longer be 6051 * filtered to remove duplicates. 6052 */ 6053 if (ipst->ips_ip_cgtp_filter_ops != NULL) { 6054 err = ipst->ips_ip_cgtp_filter_ops->cfo_del_dest_v4( 6055 ipst->ips_netstack->netstack_stackid, 6056 ire->ire_addr, ire->ire_gateway_addr); 6057 } 6058 ip_cgtp_bcast_delete(ire, ipst); 6059 } 6060 6061 ill = ire->ire_ill; 6062 if (ill != NULL) 6063 ill_remove_saved_ire(ill, ire); 6064 if (ioctl_msg) 6065 ip_rts_rtmsg(RTM_OLDDEL, ire, 0, ipst); 6066 ire_delete(ire); 6067 ire_refrele(ire); 6068 return (err); 6069 } 6070 6071 /* 6072 * ip_siocaddrt is called to complete processing of an SIOCADDRT IOCTL. 6073 */ 6074 /* ARGSUSED */ 6075 int 6076 ip_siocaddrt(ipif_t *dummy_ipif, sin_t *dummy_sin, queue_t *q, mblk_t *mp, 6077 ip_ioctl_cmd_t *ipip, void *dummy_if_req) 6078 { 6079 ipaddr_t dst_addr; 6080 ipaddr_t gw_addr; 6081 ipaddr_t mask; 6082 int error = 0; 6083 mblk_t *mp1; 6084 struct rtentry *rt; 6085 ipif_t *ipif = NULL; 6086 ip_stack_t *ipst; 6087 6088 ASSERT(q->q_next == NULL); 6089 ipst = CONNQ_TO_IPST(q); 6090 6091 ip1dbg(("ip_siocaddrt:")); 6092 /* Existence of mp1 verified in ip_wput_nondata */ 6093 mp1 = mp->b_cont->b_cont; 6094 rt = (struct rtentry *)mp1->b_rptr; 6095 6096 dst_addr = ((sin_t *)&rt->rt_dst)->sin_addr.s_addr; 6097 gw_addr = ((sin_t *)&rt->rt_gateway)->sin_addr.s_addr; 6098 6099 /* 6100 * If the RTF_HOST flag is on, this is a request to assign a gateway 6101 * to a particular host address. In this case, we set the netmask to 6102 * all ones for the particular destination address. Otherwise, 6103 * determine the netmask to be used based on dst_addr and the interfaces 6104 * in use. 6105 */ 6106 if (rt->rt_flags & RTF_HOST) { 6107 mask = IP_HOST_MASK; 6108 } else { 6109 /* 6110 * Note that ip_subnet_mask returns a zero mask in the case of 6111 * default (an all-zeroes address). 6112 */ 6113 mask = ip_subnet_mask(dst_addr, &ipif, ipst); 6114 } 6115 6116 error = ip_rt_add(dst_addr, mask, gw_addr, 0, rt->rt_flags, NULL, NULL, 6117 B_TRUE, NULL, ipst, ALL_ZONES); 6118 if (ipif != NULL) 6119 ipif_refrele(ipif); 6120 return (error); 6121 } 6122 6123 /* 6124 * ip_siocdelrt is called to complete processing of an SIOCDELRT IOCTL. 6125 */ 6126 /* ARGSUSED */ 6127 int 6128 ip_siocdelrt(ipif_t *dummy_ipif, sin_t *dummy_sin, queue_t *q, mblk_t *mp, 6129 ip_ioctl_cmd_t *ipip, void *dummy_if_req) 6130 { 6131 ipaddr_t dst_addr; 6132 ipaddr_t gw_addr; 6133 ipaddr_t mask; 6134 int error; 6135 mblk_t *mp1; 6136 struct rtentry *rt; 6137 ipif_t *ipif = NULL; 6138 ip_stack_t *ipst; 6139 6140 ASSERT(q->q_next == NULL); 6141 ipst = CONNQ_TO_IPST(q); 6142 6143 ip1dbg(("ip_siocdelrt:")); 6144 /* Existence of mp1 verified in ip_wput_nondata */ 6145 mp1 = mp->b_cont->b_cont; 6146 rt = (struct rtentry *)mp1->b_rptr; 6147 6148 dst_addr = ((sin_t *)&rt->rt_dst)->sin_addr.s_addr; 6149 gw_addr = ((sin_t *)&rt->rt_gateway)->sin_addr.s_addr; 6150 6151 /* 6152 * If the RTF_HOST flag is on, this is a request to delete a gateway 6153 * to a particular host address. In this case, we set the netmask to 6154 * all ones for the particular destination address. Otherwise, 6155 * determine the netmask to be used based on dst_addr and the interfaces 6156 * in use. 6157 */ 6158 if (rt->rt_flags & RTF_HOST) { 6159 mask = IP_HOST_MASK; 6160 } else { 6161 /* 6162 * Note that ip_subnet_mask returns a zero mask in the case of 6163 * default (an all-zeroes address). 6164 */ 6165 mask = ip_subnet_mask(dst_addr, &ipif, ipst); 6166 } 6167 6168 error = ip_rt_delete(dst_addr, mask, gw_addr, 6169 RTA_DST | RTA_GATEWAY | RTA_NETMASK, rt->rt_flags, NULL, B_TRUE, 6170 ipst, ALL_ZONES); 6171 if (ipif != NULL) 6172 ipif_refrele(ipif); 6173 return (error); 6174 } 6175 6176 /* 6177 * Enqueue the mp onto the ipsq, chained by b_next. 6178 * b_prev stores the function to be executed later, and b_queue the queue 6179 * where this mp originated. 6180 */ 6181 void 6182 ipsq_enq(ipsq_t *ipsq, queue_t *q, mblk_t *mp, ipsq_func_t func, int type, 6183 ill_t *pending_ill) 6184 { 6185 conn_t *connp; 6186 ipxop_t *ipx = ipsq->ipsq_xop; 6187 6188 ASSERT(MUTEX_HELD(&ipsq->ipsq_lock)); 6189 ASSERT(MUTEX_HELD(&ipx->ipx_lock)); 6190 ASSERT(func != NULL); 6191 6192 mp->b_queue = q; 6193 mp->b_prev = (void *)func; 6194 mp->b_next = NULL; 6195 6196 switch (type) { 6197 case CUR_OP: 6198 if (ipx->ipx_mptail != NULL) { 6199 ASSERT(ipx->ipx_mphead != NULL); 6200 ipx->ipx_mptail->b_next = mp; 6201 } else { 6202 ASSERT(ipx->ipx_mphead == NULL); 6203 ipx->ipx_mphead = mp; 6204 } 6205 ipx->ipx_mptail = mp; 6206 break; 6207 6208 case NEW_OP: 6209 if (ipsq->ipsq_xopq_mptail != NULL) { 6210 ASSERT(ipsq->ipsq_xopq_mphead != NULL); 6211 ipsq->ipsq_xopq_mptail->b_next = mp; 6212 } else { 6213 ASSERT(ipsq->ipsq_xopq_mphead == NULL); 6214 ipsq->ipsq_xopq_mphead = mp; 6215 } 6216 ipsq->ipsq_xopq_mptail = mp; 6217 ipx->ipx_ipsq_queued = B_TRUE; 6218 break; 6219 6220 case SWITCH_OP: 6221 ASSERT(ipsq->ipsq_swxop != NULL); 6222 /* only one switch operation is currently allowed */ 6223 ASSERT(ipsq->ipsq_switch_mp == NULL); 6224 ipsq->ipsq_switch_mp = mp; 6225 ipx->ipx_ipsq_queued = B_TRUE; 6226 break; 6227 default: 6228 cmn_err(CE_PANIC, "ipsq_enq %d type \n", type); 6229 } 6230 6231 if (CONN_Q(q) && pending_ill != NULL) { 6232 connp = Q_TO_CONN(q); 6233 ASSERT(MUTEX_HELD(&connp->conn_lock)); 6234 connp->conn_oper_pending_ill = pending_ill; 6235 } 6236 } 6237 6238 /* 6239 * Dequeue the next message that requested exclusive access to this IPSQ's 6240 * xop. Specifically: 6241 * 6242 * 1. If we're still processing the current operation on `ipsq', then 6243 * dequeue the next message for the operation (from ipx_mphead), or 6244 * return NULL if there are no queued messages for the operation. 6245 * These messages are queued via CUR_OP to qwriter_ip() and friends. 6246 * 6247 * 2. If the current operation on `ipsq' has completed (ipx_current_ipif is 6248 * not set) see if the ipsq has requested an xop switch. If so, switch 6249 * `ipsq' to a different xop. Xop switches only happen when joining or 6250 * leaving IPMP groups and require a careful dance -- see the comments 6251 * in-line below for details. If we're leaving a group xop or if we're 6252 * joining a group xop and become writer on it, then we proceed to (3). 6253 * Otherwise, we return NULL and exit the xop. 6254 * 6255 * 3. For each IPSQ in the xop, return any switch operation stored on 6256 * ipsq_switch_mp (set via SWITCH_OP); these must be processed before 6257 * any other messages queued on the IPSQ. Otherwise, dequeue the next 6258 * exclusive operation (queued via NEW_OP) stored on ipsq_xopq_mphead. 6259 * Note that if the phyint tied to `ipsq' is not using IPMP there will 6260 * only be one IPSQ in the xop. Otherwise, there will be one IPSQ for 6261 * each phyint in the group, including the IPMP meta-interface phyint. 6262 */ 6263 static mblk_t * 6264 ipsq_dq(ipsq_t *ipsq) 6265 { 6266 ill_t *illv4, *illv6; 6267 mblk_t *mp; 6268 ipsq_t *xopipsq; 6269 ipsq_t *leftipsq = NULL; 6270 ipxop_t *ipx; 6271 phyint_t *phyi = ipsq->ipsq_phyint; 6272 ip_stack_t *ipst = ipsq->ipsq_ipst; 6273 boolean_t emptied = B_FALSE; 6274 6275 /* 6276 * Grab all the locks we need in the defined order (ill_g_lock -> 6277 * ipsq_lock -> ipx_lock); ill_g_lock is needed to use ipsq_next. 6278 */ 6279 rw_enter(&ipst->ips_ill_g_lock, 6280 ipsq->ipsq_swxop != NULL ? RW_WRITER : RW_READER); 6281 mutex_enter(&ipsq->ipsq_lock); 6282 ipx = ipsq->ipsq_xop; 6283 mutex_enter(&ipx->ipx_lock); 6284 6285 /* 6286 * Dequeue the next message associated with the current exclusive 6287 * operation, if any. 6288 */ 6289 if ((mp = ipx->ipx_mphead) != NULL) { 6290 ipx->ipx_mphead = mp->b_next; 6291 if (ipx->ipx_mphead == NULL) 6292 ipx->ipx_mptail = NULL; 6293 mp->b_next = (void *)ipsq; 6294 goto out; 6295 } 6296 6297 if (ipx->ipx_current_ipif != NULL) 6298 goto empty; 6299 6300 if (ipsq->ipsq_swxop != NULL) { 6301 /* 6302 * The exclusive operation that is now being completed has 6303 * requested a switch to a different xop. This happens 6304 * when an interface joins or leaves an IPMP group. Joins 6305 * happen through SIOCSLIFGROUPNAME (ip_sioctl_groupname()). 6306 * Leaves happen via SIOCSLIFGROUPNAME, interface unplumb 6307 * (phyint_free()), or interface plumb for an ill type 6308 * not in the IPMP group (ip_rput_dlpi_writer()). 6309 * 6310 * Xop switches are not allowed on the IPMP meta-interface. 6311 */ 6312 ASSERT(phyi == NULL || !(phyi->phyint_flags & PHYI_IPMP)); 6313 ASSERT(RW_WRITE_HELD(&ipst->ips_ill_g_lock)); 6314 DTRACE_PROBE1(ipsq__switch, (ipsq_t *), ipsq); 6315 6316 if (ipsq->ipsq_swxop == &ipsq->ipsq_ownxop) { 6317 /* 6318 * We're switching back to our own xop, so we have two 6319 * xop's to drain/exit: our own, and the group xop 6320 * that we are leaving. 6321 * 6322 * First, pull ourselves out of the group ipsq list. 6323 * This is safe since we're writer on ill_g_lock. 6324 */ 6325 ASSERT(ipsq->ipsq_xop != &ipsq->ipsq_ownxop); 6326 6327 xopipsq = ipx->ipx_ipsq; 6328 while (xopipsq->ipsq_next != ipsq) 6329 xopipsq = xopipsq->ipsq_next; 6330 6331 xopipsq->ipsq_next = ipsq->ipsq_next; 6332 ipsq->ipsq_next = ipsq; 6333 ipsq->ipsq_xop = ipsq->ipsq_swxop; 6334 ipsq->ipsq_swxop = NULL; 6335 6336 /* 6337 * Second, prepare to exit the group xop. The actual 6338 * ipsq_exit() is done at the end of this function 6339 * since we cannot hold any locks across ipsq_exit(). 6340 * Note that although we drop the group's ipx_lock, no 6341 * threads can proceed since we're still ipx_writer. 6342 */ 6343 leftipsq = xopipsq; 6344 mutex_exit(&ipx->ipx_lock); 6345 6346 /* 6347 * Third, set ipx to point to our own xop (which was 6348 * inactive and therefore can be entered). 6349 */ 6350 ipx = ipsq->ipsq_xop; 6351 mutex_enter(&ipx->ipx_lock); 6352 ASSERT(ipx->ipx_writer == NULL); 6353 ASSERT(ipx->ipx_current_ipif == NULL); 6354 } else { 6355 /* 6356 * We're switching from our own xop to a group xop. 6357 * The requestor of the switch must ensure that the 6358 * group xop cannot go away (e.g. by ensuring the 6359 * phyint associated with the xop cannot go away). 6360 * 6361 * If we can become writer on our new xop, then we'll 6362 * do the drain. Otherwise, the current writer of our 6363 * new xop will do the drain when it exits. 6364 * 6365 * First, splice ourselves into the group IPSQ list. 6366 * This is safe since we're writer on ill_g_lock. 6367 */ 6368 ASSERT(ipsq->ipsq_xop == &ipsq->ipsq_ownxop); 6369 6370 xopipsq = ipsq->ipsq_swxop->ipx_ipsq; 6371 while (xopipsq->ipsq_next != ipsq->ipsq_swxop->ipx_ipsq) 6372 xopipsq = xopipsq->ipsq_next; 6373 6374 xopipsq->ipsq_next = ipsq; 6375 ipsq->ipsq_next = ipsq->ipsq_swxop->ipx_ipsq; 6376 ipsq->ipsq_xop = ipsq->ipsq_swxop; 6377 ipsq->ipsq_swxop = NULL; 6378 6379 /* 6380 * Second, exit our own xop, since it's now unused. 6381 * This is safe since we've got the only reference. 6382 */ 6383 ASSERT(ipx->ipx_writer == curthread); 6384 ipx->ipx_writer = NULL; 6385 VERIFY(--ipx->ipx_reentry_cnt == 0); 6386 ipx->ipx_ipsq_queued = B_FALSE; 6387 mutex_exit(&ipx->ipx_lock); 6388 6389 /* 6390 * Third, set ipx to point to our new xop, and check 6391 * if we can become writer on it. If we cannot, then 6392 * the current writer will drain the IPSQ group when 6393 * it exits. Our ipsq_xop is guaranteed to be stable 6394 * because we're still holding ipsq_lock. 6395 */ 6396 ipx = ipsq->ipsq_xop; 6397 mutex_enter(&ipx->ipx_lock); 6398 if (ipx->ipx_writer != NULL || 6399 ipx->ipx_current_ipif != NULL) { 6400 goto out; 6401 } 6402 } 6403 6404 /* 6405 * Fourth, become writer on our new ipx before we continue 6406 * with the drain. Note that we never dropped ipsq_lock 6407 * above, so no other thread could've raced with us to 6408 * become writer first. Also, we're holding ipx_lock, so 6409 * no other thread can examine the ipx right now. 6410 */ 6411 ASSERT(ipx->ipx_current_ipif == NULL); 6412 ASSERT(ipx->ipx_mphead == NULL && ipx->ipx_mptail == NULL); 6413 VERIFY(ipx->ipx_reentry_cnt++ == 0); 6414 ipx->ipx_writer = curthread; 6415 ipx->ipx_forced = B_FALSE; 6416 #ifdef DEBUG 6417 ipx->ipx_depth = getpcstack(ipx->ipx_stack, IPX_STACK_DEPTH); 6418 #endif 6419 } 6420 6421 xopipsq = ipsq; 6422 do { 6423 /* 6424 * So that other operations operate on a consistent and 6425 * complete phyint, a switch message on an IPSQ must be 6426 * handled prior to any other operations on that IPSQ. 6427 */ 6428 if ((mp = xopipsq->ipsq_switch_mp) != NULL) { 6429 xopipsq->ipsq_switch_mp = NULL; 6430 ASSERT(mp->b_next == NULL); 6431 mp->b_next = (void *)xopipsq; 6432 goto out; 6433 } 6434 6435 if ((mp = xopipsq->ipsq_xopq_mphead) != NULL) { 6436 xopipsq->ipsq_xopq_mphead = mp->b_next; 6437 if (xopipsq->ipsq_xopq_mphead == NULL) 6438 xopipsq->ipsq_xopq_mptail = NULL; 6439 mp->b_next = (void *)xopipsq; 6440 goto out; 6441 } 6442 } while ((xopipsq = xopipsq->ipsq_next) != ipsq); 6443 empty: 6444 /* 6445 * There are no messages. Further, we are holding ipx_lock, hence no 6446 * new messages can end up on any IPSQ in the xop. 6447 */ 6448 ipx->ipx_writer = NULL; 6449 ipx->ipx_forced = B_FALSE; 6450 VERIFY(--ipx->ipx_reentry_cnt == 0); 6451 ipx->ipx_ipsq_queued = B_FALSE; 6452 emptied = B_TRUE; 6453 #ifdef DEBUG 6454 ipx->ipx_depth = 0; 6455 #endif 6456 out: 6457 mutex_exit(&ipx->ipx_lock); 6458 mutex_exit(&ipsq->ipsq_lock); 6459 6460 /* 6461 * If we completely emptied the xop, then wake up any threads waiting 6462 * to enter any of the IPSQ's associated with it. 6463 */ 6464 if (emptied) { 6465 xopipsq = ipsq; 6466 do { 6467 if ((phyi = xopipsq->ipsq_phyint) == NULL) 6468 continue; 6469 6470 illv4 = phyi->phyint_illv4; 6471 illv6 = phyi->phyint_illv6; 6472 6473 GRAB_ILL_LOCKS(illv4, illv6); 6474 if (illv4 != NULL) 6475 cv_broadcast(&illv4->ill_cv); 6476 if (illv6 != NULL) 6477 cv_broadcast(&illv6->ill_cv); 6478 RELEASE_ILL_LOCKS(illv4, illv6); 6479 } while ((xopipsq = xopipsq->ipsq_next) != ipsq); 6480 } 6481 rw_exit(&ipst->ips_ill_g_lock); 6482 6483 /* 6484 * Now that all locks are dropped, exit the IPSQ we left. 6485 */ 6486 if (leftipsq != NULL) 6487 ipsq_exit(leftipsq); 6488 6489 return (mp); 6490 } 6491 6492 /* 6493 * Return completion status of previously initiated DLPI operations on 6494 * ills in the purview of an ipsq. 6495 */ 6496 static boolean_t 6497 ipsq_dlpi_done(ipsq_t *ipsq) 6498 { 6499 ipsq_t *ipsq_start; 6500 phyint_t *phyi; 6501 ill_t *ill; 6502 6503 ASSERT(RW_LOCK_HELD(&ipsq->ipsq_ipst->ips_ill_g_lock)); 6504 ipsq_start = ipsq; 6505 6506 do { 6507 /* 6508 * The only current users of this function are ipsq_try_enter 6509 * and ipsq_enter which have made sure that ipsq_writer is 6510 * NULL before we reach here. ill_dlpi_pending is modified 6511 * only by an ipsq writer 6512 */ 6513 ASSERT(ipsq->ipsq_xop->ipx_writer == NULL); 6514 phyi = ipsq->ipsq_phyint; 6515 /* 6516 * phyi could be NULL if a phyint that is part of an 6517 * IPMP group is being unplumbed. A more detailed 6518 * comment is in ipmp_grp_update_kstats() 6519 */ 6520 if (phyi != NULL) { 6521 ill = phyi->phyint_illv4; 6522 if (ill != NULL && 6523 (ill->ill_dlpi_pending != DL_PRIM_INVAL || 6524 ill->ill_arl_dlpi_pending)) 6525 return (B_FALSE); 6526 6527 ill = phyi->phyint_illv6; 6528 if (ill != NULL && 6529 ill->ill_dlpi_pending != DL_PRIM_INVAL) 6530 return (B_FALSE); 6531 } 6532 6533 } while ((ipsq = ipsq->ipsq_next) != ipsq_start); 6534 6535 return (B_TRUE); 6536 } 6537 6538 /* 6539 * Enter the ipsq corresponding to ill, by waiting synchronously till 6540 * we can enter the ipsq exclusively. Unless 'force' is used, the ipsq 6541 * will have to drain completely before ipsq_enter returns success. 6542 * ipx_current_ipif will be set if some exclusive op is in progress, 6543 * and the ipsq_exit logic will start the next enqueued op after 6544 * completion of the current op. If 'force' is used, we don't wait 6545 * for the enqueued ops. This is needed when a conn_close wants to 6546 * enter the ipsq and abort an ioctl that is somehow stuck. Unplumb 6547 * of an ill can also use this option. But we dont' use it currently. 6548 */ 6549 #define ENTER_SQ_WAIT_TICKS 100 6550 boolean_t 6551 ipsq_enter(ill_t *ill, boolean_t force, int type) 6552 { 6553 ipsq_t *ipsq; 6554 ipxop_t *ipx; 6555 boolean_t waited_enough = B_FALSE; 6556 ip_stack_t *ipst = ill->ill_ipst; 6557 6558 /* 6559 * Note that the relationship between ill and ipsq is fixed as long as 6560 * the ill is not ILL_CONDEMNED. Holding ipsq_lock ensures the 6561 * relationship between the IPSQ and xop cannot change. However, 6562 * since we cannot hold ipsq_lock across the cv_wait(), it may change 6563 * while we're waiting. We wait on ill_cv and rely on ipsq_exit() 6564 * waking up all ills in the xop when it becomes available. 6565 */ 6566 for (;;) { 6567 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 6568 mutex_enter(&ill->ill_lock); 6569 if (ill->ill_state_flags & ILL_CONDEMNED) { 6570 mutex_exit(&ill->ill_lock); 6571 rw_exit(&ipst->ips_ill_g_lock); 6572 return (B_FALSE); 6573 } 6574 6575 ipsq = ill->ill_phyint->phyint_ipsq; 6576 mutex_enter(&ipsq->ipsq_lock); 6577 ipx = ipsq->ipsq_xop; 6578 mutex_enter(&ipx->ipx_lock); 6579 6580 if (ipx->ipx_writer == NULL && (type == CUR_OP || 6581 (ipx->ipx_current_ipif == NULL && ipsq_dlpi_done(ipsq)) || 6582 waited_enough)) 6583 break; 6584 6585 rw_exit(&ipst->ips_ill_g_lock); 6586 6587 if (!force || ipx->ipx_writer != NULL) { 6588 mutex_exit(&ipx->ipx_lock); 6589 mutex_exit(&ipsq->ipsq_lock); 6590 cv_wait(&ill->ill_cv, &ill->ill_lock); 6591 } else { 6592 mutex_exit(&ipx->ipx_lock); 6593 mutex_exit(&ipsq->ipsq_lock); 6594 (void) cv_reltimedwait(&ill->ill_cv, 6595 &ill->ill_lock, ENTER_SQ_WAIT_TICKS, TR_CLOCK_TICK); 6596 waited_enough = B_TRUE; 6597 } 6598 mutex_exit(&ill->ill_lock); 6599 } 6600 6601 ASSERT(ipx->ipx_mphead == NULL && ipx->ipx_mptail == NULL); 6602 ASSERT(ipx->ipx_reentry_cnt == 0); 6603 ipx->ipx_writer = curthread; 6604 ipx->ipx_forced = (ipx->ipx_current_ipif != NULL); 6605 ipx->ipx_reentry_cnt++; 6606 #ifdef DEBUG 6607 ipx->ipx_depth = getpcstack(ipx->ipx_stack, IPX_STACK_DEPTH); 6608 #endif 6609 mutex_exit(&ipx->ipx_lock); 6610 mutex_exit(&ipsq->ipsq_lock); 6611 mutex_exit(&ill->ill_lock); 6612 rw_exit(&ipst->ips_ill_g_lock); 6613 6614 return (B_TRUE); 6615 } 6616 6617 /* 6618 * ipif_set_values() has a constraint that it cannot drop the ips_ill_g_lock 6619 * across the call to the core interface ipsq_try_enter() and hence calls this 6620 * function directly. This is explained more fully in ipif_set_values(). 6621 * In order to support the above constraint, ipsq_try_enter is implemented as 6622 * a wrapper that grabs the ips_ill_g_lock and calls this function subsequently 6623 */ 6624 static ipsq_t * 6625 ipsq_try_enter_internal(ill_t *ill, queue_t *q, mblk_t *mp, ipsq_func_t func, 6626 int type, boolean_t reentry_ok) 6627 { 6628 ipsq_t *ipsq; 6629 ipxop_t *ipx; 6630 ip_stack_t *ipst = ill->ill_ipst; 6631 6632 /* 6633 * lock ordering: 6634 * ill_g_lock -> conn_lock -> ill_lock -> ipsq_lock -> ipx_lock. 6635 * 6636 * ipx of an ipsq can't change when ipsq_lock is held. 6637 */ 6638 ASSERT(RW_LOCK_HELD(&ipst->ips_ill_g_lock)); 6639 GRAB_CONN_LOCK(q); 6640 mutex_enter(&ill->ill_lock); 6641 ipsq = ill->ill_phyint->phyint_ipsq; 6642 mutex_enter(&ipsq->ipsq_lock); 6643 ipx = ipsq->ipsq_xop; 6644 mutex_enter(&ipx->ipx_lock); 6645 6646 /* 6647 * 1. Enter the ipsq if we are already writer and reentry is ok. 6648 * (Note: If the caller does not specify reentry_ok then neither 6649 * 'func' nor any of its callees must ever attempt to enter the ipsq 6650 * again. Otherwise it can lead to an infinite loop 6651 * 2. Enter the ipsq if there is no current writer and this attempted 6652 * entry is part of the current operation 6653 * 3. Enter the ipsq if there is no current writer and this is a new 6654 * operation and the operation queue is empty and there is no 6655 * operation currently in progress and if all previously initiated 6656 * DLPI operations have completed. 6657 */ 6658 if ((ipx->ipx_writer == curthread && reentry_ok) || 6659 (ipx->ipx_writer == NULL && (type == CUR_OP || (type == NEW_OP && 6660 !ipx->ipx_ipsq_queued && ipx->ipx_current_ipif == NULL && 6661 ipsq_dlpi_done(ipsq))))) { 6662 /* Success. */ 6663 ipx->ipx_reentry_cnt++; 6664 ipx->ipx_writer = curthread; 6665 ipx->ipx_forced = B_FALSE; 6666 mutex_exit(&ipx->ipx_lock); 6667 mutex_exit(&ipsq->ipsq_lock); 6668 mutex_exit(&ill->ill_lock); 6669 RELEASE_CONN_LOCK(q); 6670 #ifdef DEBUG 6671 ipx->ipx_depth = getpcstack(ipx->ipx_stack, IPX_STACK_DEPTH); 6672 #endif 6673 return (ipsq); 6674 } 6675 6676 if (func != NULL) 6677 ipsq_enq(ipsq, q, mp, func, type, ill); 6678 6679 mutex_exit(&ipx->ipx_lock); 6680 mutex_exit(&ipsq->ipsq_lock); 6681 mutex_exit(&ill->ill_lock); 6682 RELEASE_CONN_LOCK(q); 6683 return (NULL); 6684 } 6685 6686 /* 6687 * The ipsq_t (ipsq) is the synchronization data structure used to serialize 6688 * certain critical operations like plumbing (i.e. most set ioctls), etc. 6689 * There is one ipsq per phyint. The ipsq 6690 * serializes exclusive ioctls issued by applications on a per ipsq basis in 6691 * ipsq_xopq_mphead. It also protects against multiple threads executing in 6692 * the ipsq. Responses from the driver pertain to the current ioctl (say a 6693 * DL_BIND_ACK in response to a DL_BIND_REQ initiated as part of bringing 6694 * up the interface) and are enqueued in ipx_mphead. 6695 * 6696 * If a thread does not want to reenter the ipsq when it is already writer, 6697 * it must make sure that the specified reentry point to be called later 6698 * when the ipsq is empty, nor any code path starting from the specified reentry 6699 * point must never ever try to enter the ipsq again. Otherwise it can lead 6700 * to an infinite loop. The reentry point ip_rput_dlpi_writer is an example. 6701 * When the thread that is currently exclusive finishes, it (ipsq_exit) 6702 * dequeues the requests waiting to become exclusive in ipx_mphead and calls 6703 * the reentry point. When the list at ipx_mphead becomes empty ipsq_exit 6704 * proceeds to dequeue the next ioctl in ipsq_xopq_mphead and start the next 6705 * ioctl if the current ioctl has completed. If the current ioctl is still 6706 * in progress it simply returns. The current ioctl could be waiting for 6707 * a response from another module (the driver or could be waiting for 6708 * the ipif/ill/ire refcnts to drop to zero. In such a case the ipx_pending_mp 6709 * and ipx_pending_ipif are set. ipx_current_ipif is set throughout the 6710 * execution of the ioctl and ipsq_exit does not start the next ioctl unless 6711 * ipx_current_ipif is NULL which happens only once the ioctl is complete and 6712 * all associated DLPI operations have completed. 6713 */ 6714 6715 /* 6716 * Try to enter the IPSQ corresponding to `ipif' or `ill' exclusively (`ipif' 6717 * and `ill' cannot both be specified). Returns a pointer to the entered IPSQ 6718 * on success, or NULL on failure. The caller ensures ipif/ill is valid by 6719 * refholding it as necessary. If the IPSQ cannot be entered and `func' is 6720 * non-NULL, then `func' will be called back with `q' and `mp' once the IPSQ 6721 * can be entered. If `func' is NULL, then `q' and `mp' are ignored. 6722 */ 6723 ipsq_t * 6724 ipsq_try_enter(ipif_t *ipif, ill_t *ill, queue_t *q, mblk_t *mp, 6725 ipsq_func_t func, int type, boolean_t reentry_ok) 6726 { 6727 ip_stack_t *ipst; 6728 ipsq_t *ipsq; 6729 6730 /* Only 1 of ipif or ill can be specified */ 6731 ASSERT((ipif != NULL) ^ (ill != NULL)); 6732 6733 if (ipif != NULL) 6734 ill = ipif->ipif_ill; 6735 ipst = ill->ill_ipst; 6736 6737 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 6738 ipsq = ipsq_try_enter_internal(ill, q, mp, func, type, reentry_ok); 6739 rw_exit(&ipst->ips_ill_g_lock); 6740 6741 return (ipsq); 6742 } 6743 6744 /* 6745 * Try to enter the IPSQ corresponding to `ill' as writer. The caller ensures 6746 * ill is valid by refholding it if necessary; we will refrele. If the IPSQ 6747 * cannot be entered, the mp is queued for completion. 6748 */ 6749 void 6750 qwriter_ip(ill_t *ill, queue_t *q, mblk_t *mp, ipsq_func_t func, int type, 6751 boolean_t reentry_ok) 6752 { 6753 ipsq_t *ipsq; 6754 6755 ipsq = ipsq_try_enter(NULL, ill, q, mp, func, type, reentry_ok); 6756 6757 /* 6758 * Drop the caller's refhold on the ill. This is safe since we either 6759 * entered the IPSQ (and thus are exclusive), or failed to enter the 6760 * IPSQ, in which case we return without accessing ill anymore. This 6761 * is needed because func needs to see the correct refcount. 6762 * e.g. removeif can work only then. 6763 */ 6764 ill_refrele(ill); 6765 if (ipsq != NULL) { 6766 (*func)(ipsq, q, mp, NULL); 6767 ipsq_exit(ipsq); 6768 } 6769 } 6770 6771 /* 6772 * Exit the specified IPSQ. If this is the final exit on it then drain it 6773 * prior to exiting. Caller must be writer on the specified IPSQ. 6774 */ 6775 void 6776 ipsq_exit(ipsq_t *ipsq) 6777 { 6778 mblk_t *mp; 6779 ipsq_t *mp_ipsq; 6780 queue_t *q; 6781 phyint_t *phyi; 6782 ipsq_func_t func; 6783 6784 ASSERT(IAM_WRITER_IPSQ(ipsq)); 6785 6786 ASSERT(ipsq->ipsq_xop->ipx_reentry_cnt >= 1); 6787 if (ipsq->ipsq_xop->ipx_reentry_cnt != 1) { 6788 ipsq->ipsq_xop->ipx_reentry_cnt--; 6789 return; 6790 } 6791 6792 for (;;) { 6793 phyi = ipsq->ipsq_phyint; 6794 mp = ipsq_dq(ipsq); 6795 mp_ipsq = (mp == NULL) ? NULL : (ipsq_t *)mp->b_next; 6796 6797 /* 6798 * If we've changed to a new IPSQ, and the phyint associated 6799 * with the old one has gone away, free the old IPSQ. Note 6800 * that this cannot happen while the IPSQ is in a group. 6801 */ 6802 if (mp_ipsq != ipsq && phyi == NULL) { 6803 ASSERT(ipsq->ipsq_next == ipsq); 6804 ASSERT(ipsq->ipsq_xop == &ipsq->ipsq_ownxop); 6805 ipsq_delete(ipsq); 6806 } 6807 6808 if (mp == NULL) 6809 break; 6810 6811 q = mp->b_queue; 6812 func = (ipsq_func_t)mp->b_prev; 6813 ipsq = mp_ipsq; 6814 mp->b_next = mp->b_prev = NULL; 6815 mp->b_queue = NULL; 6816 6817 /* 6818 * If 'q' is an conn queue, it is valid, since we did a 6819 * a refhold on the conn at the start of the ioctl. 6820 * If 'q' is an ill queue, it is valid, since close of an 6821 * ill will clean up its IPSQ. 6822 */ 6823 (*func)(ipsq, q, mp, NULL); 6824 } 6825 } 6826 6827 /* 6828 * Used to start any igmp or mld timers that could not be started 6829 * while holding ill_mcast_lock. The timers can't be started while holding 6830 * the lock, since mld/igmp_start_timers may need to call untimeout() 6831 * which can't be done while holding the lock which the timeout handler 6832 * acquires. Otherwise 6833 * there could be a deadlock since the timeout handlers 6834 * mld_timeout_handler_per_ill/igmp_timeout_handler_per_ill also acquire 6835 * ill_mcast_lock. 6836 */ 6837 void 6838 ill_mcast_timer_start(ip_stack_t *ipst) 6839 { 6840 int next; 6841 6842 mutex_enter(&ipst->ips_igmp_timer_lock); 6843 next = ipst->ips_igmp_deferred_next; 6844 ipst->ips_igmp_deferred_next = INFINITY; 6845 mutex_exit(&ipst->ips_igmp_timer_lock); 6846 6847 if (next != INFINITY) 6848 igmp_start_timers(next, ipst); 6849 6850 mutex_enter(&ipst->ips_mld_timer_lock); 6851 next = ipst->ips_mld_deferred_next; 6852 ipst->ips_mld_deferred_next = INFINITY; 6853 mutex_exit(&ipst->ips_mld_timer_lock); 6854 6855 if (next != INFINITY) 6856 mld_start_timers(next, ipst); 6857 } 6858 6859 /* 6860 * Start the current exclusive operation on `ipsq'; associate it with `ipif' 6861 * and `ioccmd'. 6862 */ 6863 void 6864 ipsq_current_start(ipsq_t *ipsq, ipif_t *ipif, int ioccmd) 6865 { 6866 ill_t *ill = ipif->ipif_ill; 6867 ipxop_t *ipx = ipsq->ipsq_xop; 6868 6869 ASSERT(IAM_WRITER_IPSQ(ipsq)); 6870 ASSERT(ipx->ipx_current_ipif == NULL); 6871 ASSERT(ipx->ipx_current_ioctl == 0); 6872 6873 ipx->ipx_current_done = B_FALSE; 6874 ipx->ipx_current_ioctl = ioccmd; 6875 mutex_enter(&ipx->ipx_lock); 6876 ipx->ipx_current_ipif = ipif; 6877 mutex_exit(&ipx->ipx_lock); 6878 6879 /* 6880 * Set IPIF_CHANGING on one or more ipifs associated with the 6881 * current exclusive operation. IPIF_CHANGING prevents any new 6882 * references to the ipif (so that the references will eventually 6883 * drop to zero) and also prevents any "get" operations (e.g., 6884 * SIOCGLIFFLAGS) from being able to access the ipif until the 6885 * operation has completed and the ipif is again in a stable state. 6886 * 6887 * For ioctls, IPIF_CHANGING is set on the ipif associated with the 6888 * ioctl. For internal operations (where ioccmd is zero), all ipifs 6889 * on the ill are marked with IPIF_CHANGING since it's unclear which 6890 * ipifs will be affected. 6891 * 6892 * Note that SIOCLIFREMOVEIF is a special case as it sets 6893 * IPIF_CONDEMNED internally after identifying the right ipif to 6894 * operate on. 6895 */ 6896 switch (ioccmd) { 6897 case SIOCLIFREMOVEIF: 6898 break; 6899 case 0: 6900 mutex_enter(&ill->ill_lock); 6901 ipif = ipif->ipif_ill->ill_ipif; 6902 for (; ipif != NULL; ipif = ipif->ipif_next) 6903 ipif->ipif_state_flags |= IPIF_CHANGING; 6904 mutex_exit(&ill->ill_lock); 6905 break; 6906 default: 6907 mutex_enter(&ill->ill_lock); 6908 ipif->ipif_state_flags |= IPIF_CHANGING; 6909 mutex_exit(&ill->ill_lock); 6910 } 6911 } 6912 6913 /* 6914 * Finish the current exclusive operation on `ipsq'. Usually, this will allow 6915 * the next exclusive operation to begin once we ipsq_exit(). However, if 6916 * pending DLPI operations remain, then we will wait for the queue to drain 6917 * before allowing the next exclusive operation to begin. This ensures that 6918 * DLPI operations from one exclusive operation are never improperly processed 6919 * as part of a subsequent exclusive operation. 6920 */ 6921 void 6922 ipsq_current_finish(ipsq_t *ipsq) 6923 { 6924 ipxop_t *ipx = ipsq->ipsq_xop; 6925 t_uscalar_t dlpi_pending = DL_PRIM_INVAL; 6926 ipif_t *ipif = ipx->ipx_current_ipif; 6927 6928 ASSERT(IAM_WRITER_IPSQ(ipsq)); 6929 6930 /* 6931 * For SIOCLIFREMOVEIF, the ipif has been already been blown away 6932 * (but in that case, IPIF_CHANGING will already be clear and no 6933 * pending DLPI messages can remain). 6934 */ 6935 if (ipx->ipx_current_ioctl != SIOCLIFREMOVEIF) { 6936 ill_t *ill = ipif->ipif_ill; 6937 6938 mutex_enter(&ill->ill_lock); 6939 dlpi_pending = ill->ill_dlpi_pending; 6940 if (ipx->ipx_current_ioctl == 0) { 6941 ipif = ill->ill_ipif; 6942 for (; ipif != NULL; ipif = ipif->ipif_next) 6943 ipif->ipif_state_flags &= ~IPIF_CHANGING; 6944 } else { 6945 ipif->ipif_state_flags &= ~IPIF_CHANGING; 6946 } 6947 mutex_exit(&ill->ill_lock); 6948 } 6949 6950 ASSERT(!ipx->ipx_current_done); 6951 ipx->ipx_current_done = B_TRUE; 6952 ipx->ipx_current_ioctl = 0; 6953 if (dlpi_pending == DL_PRIM_INVAL) { 6954 mutex_enter(&ipx->ipx_lock); 6955 ipx->ipx_current_ipif = NULL; 6956 mutex_exit(&ipx->ipx_lock); 6957 } 6958 } 6959 6960 /* 6961 * The ill is closing. Flush all messages on the ipsq that originated 6962 * from this ill. Usually there wont' be any messages on the ipsq_xopq_mphead 6963 * for this ill since ipsq_enter could not have entered until then. 6964 * New messages can't be queued since the CONDEMNED flag is set. 6965 */ 6966 static void 6967 ipsq_flush(ill_t *ill) 6968 { 6969 queue_t *q; 6970 mblk_t *prev; 6971 mblk_t *mp; 6972 mblk_t *mp_next; 6973 ipxop_t *ipx = ill->ill_phyint->phyint_ipsq->ipsq_xop; 6974 6975 ASSERT(IAM_WRITER_ILL(ill)); 6976 6977 /* 6978 * Flush any messages sent up by the driver. 6979 */ 6980 mutex_enter(&ipx->ipx_lock); 6981 for (prev = NULL, mp = ipx->ipx_mphead; mp != NULL; mp = mp_next) { 6982 mp_next = mp->b_next; 6983 q = mp->b_queue; 6984 if (q == ill->ill_rq || q == ill->ill_wq) { 6985 /* dequeue mp */ 6986 if (prev == NULL) 6987 ipx->ipx_mphead = mp->b_next; 6988 else 6989 prev->b_next = mp->b_next; 6990 if (ipx->ipx_mptail == mp) { 6991 ASSERT(mp_next == NULL); 6992 ipx->ipx_mptail = prev; 6993 } 6994 inet_freemsg(mp); 6995 } else { 6996 prev = mp; 6997 } 6998 } 6999 mutex_exit(&ipx->ipx_lock); 7000 (void) ipsq_pending_mp_cleanup(ill, NULL); 7001 ipsq_xopq_mp_cleanup(ill, NULL); 7002 } 7003 7004 /* 7005 * Parse an ifreq or lifreq struct coming down ioctls and refhold 7006 * and return the associated ipif. 7007 * Return value: 7008 * Non zero: An error has occurred. ci may not be filled out. 7009 * zero : ci is filled out with the ioctl cmd in ci.ci_name, and 7010 * a held ipif in ci.ci_ipif. 7011 */ 7012 int 7013 ip_extract_lifreq(queue_t *q, mblk_t *mp, const ip_ioctl_cmd_t *ipip, 7014 cmd_info_t *ci) 7015 { 7016 char *name; 7017 struct ifreq *ifr; 7018 struct lifreq *lifr; 7019 ipif_t *ipif = NULL; 7020 ill_t *ill; 7021 conn_t *connp; 7022 boolean_t isv6; 7023 int err; 7024 mblk_t *mp1; 7025 zoneid_t zoneid; 7026 ip_stack_t *ipst; 7027 7028 if (q->q_next != NULL) { 7029 ill = (ill_t *)q->q_ptr; 7030 isv6 = ill->ill_isv6; 7031 connp = NULL; 7032 zoneid = ALL_ZONES; 7033 ipst = ill->ill_ipst; 7034 } else { 7035 ill = NULL; 7036 connp = Q_TO_CONN(q); 7037 isv6 = (connp->conn_family == AF_INET6); 7038 zoneid = connp->conn_zoneid; 7039 if (zoneid == GLOBAL_ZONEID) { 7040 /* global zone can access ipifs in all zones */ 7041 zoneid = ALL_ZONES; 7042 } 7043 ipst = connp->conn_netstack->netstack_ip; 7044 } 7045 7046 /* Has been checked in ip_wput_nondata */ 7047 mp1 = mp->b_cont->b_cont; 7048 7049 if (ipip->ipi_cmd_type == IF_CMD) { 7050 /* This a old style SIOC[GS]IF* command */ 7051 ifr = (struct ifreq *)mp1->b_rptr; 7052 /* 7053 * Null terminate the string to protect against buffer 7054 * overrun. String was generated by user code and may not 7055 * be trusted. 7056 */ 7057 ifr->ifr_name[IFNAMSIZ - 1] = '\0'; 7058 name = ifr->ifr_name; 7059 ci->ci_sin = (sin_t *)&ifr->ifr_addr; 7060 ci->ci_sin6 = NULL; 7061 ci->ci_lifr = (struct lifreq *)ifr; 7062 } else { 7063 /* This a new style SIOC[GS]LIF* command */ 7064 ASSERT(ipip->ipi_cmd_type == LIF_CMD); 7065 lifr = (struct lifreq *)mp1->b_rptr; 7066 /* 7067 * Null terminate the string to protect against buffer 7068 * overrun. String was generated by user code and may not 7069 * be trusted. 7070 */ 7071 lifr->lifr_name[LIFNAMSIZ - 1] = '\0'; 7072 name = lifr->lifr_name; 7073 ci->ci_sin = (sin_t *)&lifr->lifr_addr; 7074 ci->ci_sin6 = (sin6_t *)&lifr->lifr_addr; 7075 ci->ci_lifr = lifr; 7076 } 7077 7078 if (ipip->ipi_cmd == SIOCSLIFNAME) { 7079 /* 7080 * The ioctl will be failed if the ioctl comes down 7081 * an conn stream 7082 */ 7083 if (ill == NULL) { 7084 /* 7085 * Not an ill queue, return EINVAL same as the 7086 * old error code. 7087 */ 7088 return (ENXIO); 7089 } 7090 ipif = ill->ill_ipif; 7091 ipif_refhold(ipif); 7092 } else { 7093 /* 7094 * Ensure that ioctls don't see any internal state changes 7095 * caused by set ioctls by deferring them if IPIF_CHANGING is 7096 * set. 7097 */ 7098 ipif = ipif_lookup_on_name_async(name, mi_strlen(name), 7099 isv6, zoneid, q, mp, ip_process_ioctl, &err, ipst); 7100 if (ipif == NULL) { 7101 if (err == EINPROGRESS) 7102 return (err); 7103 err = 0; /* Ensure we don't use it below */ 7104 } 7105 } 7106 7107 /* 7108 * Old style [GS]IFCMD does not admit IPv6 ipif 7109 */ 7110 if (ipif != NULL && ipif->ipif_isv6 && ipip->ipi_cmd_type == IF_CMD) { 7111 ipif_refrele(ipif); 7112 return (ENXIO); 7113 } 7114 7115 if (ipif == NULL && ill != NULL && ill->ill_ipif != NULL && 7116 name[0] == '\0') { 7117 /* 7118 * Handle a or a SIOC?IF* with a null name 7119 * during plumb (on the ill queue before the I_PLINK). 7120 */ 7121 ipif = ill->ill_ipif; 7122 ipif_refhold(ipif); 7123 } 7124 7125 if (ipif == NULL) 7126 return (ENXIO); 7127 7128 DTRACE_PROBE4(ipif__ioctl, char *, "ip_extract_lifreq", 7129 int, ipip->ipi_cmd, ill_t *, ipif->ipif_ill, ipif_t *, ipif); 7130 7131 ci->ci_ipif = ipif; 7132 return (0); 7133 } 7134 7135 /* 7136 * Return the total number of ipifs. 7137 */ 7138 static uint_t 7139 ip_get_numifs(zoneid_t zoneid, ip_stack_t *ipst) 7140 { 7141 uint_t numifs = 0; 7142 ill_t *ill; 7143 ill_walk_context_t ctx; 7144 ipif_t *ipif; 7145 7146 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 7147 ill = ILL_START_WALK_V4(&ctx, ipst); 7148 for (; ill != NULL; ill = ill_next(&ctx, ill)) { 7149 if (IS_UNDER_IPMP(ill)) 7150 continue; 7151 for (ipif = ill->ill_ipif; ipif != NULL; 7152 ipif = ipif->ipif_next) { 7153 if (ipif->ipif_zoneid == zoneid || 7154 ipif->ipif_zoneid == ALL_ZONES) 7155 numifs++; 7156 } 7157 } 7158 rw_exit(&ipst->ips_ill_g_lock); 7159 return (numifs); 7160 } 7161 7162 /* 7163 * Return the total number of ipifs. 7164 */ 7165 static uint_t 7166 ip_get_numlifs(int family, int lifn_flags, zoneid_t zoneid, ip_stack_t *ipst) 7167 { 7168 uint_t numifs = 0; 7169 ill_t *ill; 7170 ipif_t *ipif; 7171 ill_walk_context_t ctx; 7172 7173 ip1dbg(("ip_get_numlifs(%d %u %d)\n", family, lifn_flags, (int)zoneid)); 7174 7175 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 7176 if (family == AF_INET) 7177 ill = ILL_START_WALK_V4(&ctx, ipst); 7178 else if (family == AF_INET6) 7179 ill = ILL_START_WALK_V6(&ctx, ipst); 7180 else 7181 ill = ILL_START_WALK_ALL(&ctx, ipst); 7182 7183 for (; ill != NULL; ill = ill_next(&ctx, ill)) { 7184 if (IS_UNDER_IPMP(ill) && !(lifn_flags & LIFC_UNDER_IPMP)) 7185 continue; 7186 7187 for (ipif = ill->ill_ipif; ipif != NULL; 7188 ipif = ipif->ipif_next) { 7189 if ((ipif->ipif_flags & IPIF_NOXMIT) && 7190 !(lifn_flags & LIFC_NOXMIT)) 7191 continue; 7192 if ((ipif->ipif_flags & IPIF_TEMPORARY) && 7193 !(lifn_flags & LIFC_TEMPORARY)) 7194 continue; 7195 if (((ipif->ipif_flags & 7196 (IPIF_NOXMIT|IPIF_NOLOCAL| 7197 IPIF_DEPRECATED)) || 7198 IS_LOOPBACK(ill) || 7199 !(ipif->ipif_flags & IPIF_UP)) && 7200 (lifn_flags & LIFC_EXTERNAL_SOURCE)) 7201 continue; 7202 7203 if (zoneid != ipif->ipif_zoneid && 7204 ipif->ipif_zoneid != ALL_ZONES && 7205 (zoneid != GLOBAL_ZONEID || 7206 !(lifn_flags & LIFC_ALLZONES))) 7207 continue; 7208 7209 numifs++; 7210 } 7211 } 7212 rw_exit(&ipst->ips_ill_g_lock); 7213 return (numifs); 7214 } 7215 7216 uint_t 7217 ip_get_lifsrcofnum(ill_t *ill) 7218 { 7219 uint_t numifs = 0; 7220 ill_t *ill_head = ill; 7221 ip_stack_t *ipst = ill->ill_ipst; 7222 7223 /* 7224 * ill_g_usesrc_lock protects ill_usesrc_grp_next, for example, some 7225 * other thread may be trying to relink the ILLs in this usesrc group 7226 * and adjusting the ill_usesrc_grp_next pointers 7227 */ 7228 rw_enter(&ipst->ips_ill_g_usesrc_lock, RW_READER); 7229 if ((ill->ill_usesrc_ifindex == 0) && 7230 (ill->ill_usesrc_grp_next != NULL)) { 7231 for (; (ill != NULL) && (ill->ill_usesrc_grp_next != ill_head); 7232 ill = ill->ill_usesrc_grp_next) 7233 numifs++; 7234 } 7235 rw_exit(&ipst->ips_ill_g_usesrc_lock); 7236 7237 return (numifs); 7238 } 7239 7240 /* Null values are passed in for ipif, sin, and ifreq */ 7241 /* ARGSUSED */ 7242 int 7243 ip_sioctl_get_ifnum(ipif_t *dummy_ipif, sin_t *dummy_sin, queue_t *q, 7244 mblk_t *mp, ip_ioctl_cmd_t *ipip, void *ifreq) 7245 { 7246 int *nump; 7247 conn_t *connp = Q_TO_CONN(q); 7248 7249 ASSERT(q->q_next == NULL); /* not a valid ioctl for ip as a module */ 7250 7251 /* Existence of b_cont->b_cont checked in ip_wput_nondata */ 7252 nump = (int *)mp->b_cont->b_cont->b_rptr; 7253 7254 *nump = ip_get_numifs(connp->conn_zoneid, 7255 connp->conn_netstack->netstack_ip); 7256 ip1dbg(("ip_sioctl_get_ifnum numifs %d", *nump)); 7257 return (0); 7258 } 7259 7260 /* Null values are passed in for ipif, sin, and ifreq */ 7261 /* ARGSUSED */ 7262 int 7263 ip_sioctl_get_lifnum(ipif_t *dummy_ipif, sin_t *dummy_sin, 7264 queue_t *q, mblk_t *mp, ip_ioctl_cmd_t *ipip, void *ifreq) 7265 { 7266 struct lifnum *lifn; 7267 mblk_t *mp1; 7268 conn_t *connp = Q_TO_CONN(q); 7269 7270 ASSERT(q->q_next == NULL); /* not a valid ioctl for ip as a module */ 7271 7272 /* Existence checked in ip_wput_nondata */ 7273 mp1 = mp->b_cont->b_cont; 7274 7275 lifn = (struct lifnum *)mp1->b_rptr; 7276 switch (lifn->lifn_family) { 7277 case AF_UNSPEC: 7278 case AF_INET: 7279 case AF_INET6: 7280 break; 7281 default: 7282 return (EAFNOSUPPORT); 7283 } 7284 7285 lifn->lifn_count = ip_get_numlifs(lifn->lifn_family, lifn->lifn_flags, 7286 connp->conn_zoneid, connp->conn_netstack->netstack_ip); 7287 ip1dbg(("ip_sioctl_get_lifnum numifs %d", lifn->lifn_count)); 7288 return (0); 7289 } 7290 7291 /* ARGSUSED */ 7292 int 7293 ip_sioctl_get_ifconf(ipif_t *dummy_ipif, sin_t *dummy_sin, queue_t *q, 7294 mblk_t *mp, ip_ioctl_cmd_t *ipip, void *ifreq) 7295 { 7296 STRUCT_HANDLE(ifconf, ifc); 7297 mblk_t *mp1; 7298 struct iocblk *iocp; 7299 struct ifreq *ifr; 7300 ill_walk_context_t ctx; 7301 ill_t *ill; 7302 ipif_t *ipif; 7303 struct sockaddr_in *sin; 7304 int32_t ifclen; 7305 zoneid_t zoneid; 7306 ip_stack_t *ipst = CONNQ_TO_IPST(q); 7307 7308 ASSERT(q->q_next == NULL); /* not valid ioctls for ip as a module */ 7309 7310 ip1dbg(("ip_sioctl_get_ifconf")); 7311 /* Existence verified in ip_wput_nondata */ 7312 mp1 = mp->b_cont->b_cont; 7313 iocp = (struct iocblk *)mp->b_rptr; 7314 zoneid = Q_TO_CONN(q)->conn_zoneid; 7315 7316 /* 7317 * The original SIOCGIFCONF passed in a struct ifconf which specified 7318 * the user buffer address and length into which the list of struct 7319 * ifreqs was to be copied. Since AT&T Streams does not seem to 7320 * allow M_COPYOUT to be used in conjunction with I_STR IOCTLS, 7321 * the SIOCGIFCONF operation was redefined to simply provide 7322 * a large output buffer into which we are supposed to jam the ifreq 7323 * array. The same ioctl command code was used, despite the fact that 7324 * both the applications and the kernel code had to change, thus making 7325 * it impossible to support both interfaces. 7326 * 7327 * For reasons not good enough to try to explain, the following 7328 * algorithm is used for deciding what to do with one of these: 7329 * If the IOCTL comes in as an I_STR, it is assumed to be of the new 7330 * form with the output buffer coming down as the continuation message. 7331 * If it arrives as a TRANSPARENT IOCTL, it is assumed to be old style, 7332 * and we have to copy in the ifconf structure to find out how big the 7333 * output buffer is and where to copy out to. Sure no problem... 7334 * 7335 */ 7336 STRUCT_SET_HANDLE(ifc, iocp->ioc_flag, NULL); 7337 if ((mp1->b_wptr - mp1->b_rptr) == STRUCT_SIZE(ifc)) { 7338 int numifs = 0; 7339 size_t ifc_bufsize; 7340 7341 /* 7342 * Must be (better be!) continuation of a TRANSPARENT 7343 * IOCTL. We just copied in the ifconf structure. 7344 */ 7345 STRUCT_SET_HANDLE(ifc, iocp->ioc_flag, 7346 (struct ifconf *)mp1->b_rptr); 7347 7348 /* 7349 * Allocate a buffer to hold requested information. 7350 * 7351 * If ifc_len is larger than what is needed, we only 7352 * allocate what we will use. 7353 * 7354 * If ifc_len is smaller than what is needed, return 7355 * EINVAL. 7356 * 7357 * XXX: the ill_t structure can hava 2 counters, for 7358 * v4 and v6 (not just ill_ipif_up_count) to store the 7359 * number of interfaces for a device, so we don't need 7360 * to count them here... 7361 */ 7362 numifs = ip_get_numifs(zoneid, ipst); 7363 7364 ifclen = STRUCT_FGET(ifc, ifc_len); 7365 ifc_bufsize = numifs * sizeof (struct ifreq); 7366 if (ifc_bufsize > ifclen) { 7367 if (iocp->ioc_cmd == O_SIOCGIFCONF) { 7368 /* old behaviour */ 7369 return (EINVAL); 7370 } else { 7371 ifc_bufsize = ifclen; 7372 } 7373 } 7374 7375 mp1 = mi_copyout_alloc(q, mp, 7376 STRUCT_FGETP(ifc, ifc_buf), ifc_bufsize, B_FALSE); 7377 if (mp1 == NULL) 7378 return (ENOMEM); 7379 7380 mp1->b_wptr = mp1->b_rptr + ifc_bufsize; 7381 } 7382 bzero(mp1->b_rptr, mp1->b_wptr - mp1->b_rptr); 7383 /* 7384 * the SIOCGIFCONF ioctl only knows about 7385 * IPv4 addresses, so don't try to tell 7386 * it about interfaces with IPv6-only 7387 * addresses. (Last parm 'isv6' is B_FALSE) 7388 */ 7389 7390 ifr = (struct ifreq *)mp1->b_rptr; 7391 7392 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 7393 ill = ILL_START_WALK_V4(&ctx, ipst); 7394 for (; ill != NULL; ill = ill_next(&ctx, ill)) { 7395 if (IS_UNDER_IPMP(ill)) 7396 continue; 7397 for (ipif = ill->ill_ipif; ipif != NULL; 7398 ipif = ipif->ipif_next) { 7399 if (zoneid != ipif->ipif_zoneid && 7400 ipif->ipif_zoneid != ALL_ZONES) 7401 continue; 7402 if ((uchar_t *)&ifr[1] > mp1->b_wptr) { 7403 if (iocp->ioc_cmd == O_SIOCGIFCONF) { 7404 /* old behaviour */ 7405 rw_exit(&ipst->ips_ill_g_lock); 7406 return (EINVAL); 7407 } else { 7408 goto if_copydone; 7409 } 7410 } 7411 ipif_get_name(ipif, ifr->ifr_name, 7412 sizeof (ifr->ifr_name)); 7413 sin = (sin_t *)&ifr->ifr_addr; 7414 *sin = sin_null; 7415 sin->sin_family = AF_INET; 7416 sin->sin_addr.s_addr = ipif->ipif_lcl_addr; 7417 ifr++; 7418 } 7419 } 7420 if_copydone: 7421 rw_exit(&ipst->ips_ill_g_lock); 7422 mp1->b_wptr = (uchar_t *)ifr; 7423 7424 if (STRUCT_BUF(ifc) != NULL) { 7425 STRUCT_FSET(ifc, ifc_len, 7426 (int)((uchar_t *)ifr - mp1->b_rptr)); 7427 } 7428 return (0); 7429 } 7430 7431 /* 7432 * Get the interfaces using the address hosted on the interface passed in, 7433 * as a source adddress 7434 */ 7435 /* ARGSUSED */ 7436 int 7437 ip_sioctl_get_lifsrcof(ipif_t *dummy_ipif, sin_t *dummy_sin, queue_t *q, 7438 mblk_t *mp, ip_ioctl_cmd_t *ipip, void *ifreq) 7439 { 7440 mblk_t *mp1; 7441 ill_t *ill, *ill_head; 7442 ipif_t *ipif, *orig_ipif; 7443 int numlifs = 0; 7444 size_t lifs_bufsize, lifsmaxlen; 7445 struct lifreq *lifr; 7446 struct iocblk *iocp = (struct iocblk *)mp->b_rptr; 7447 uint_t ifindex; 7448 zoneid_t zoneid; 7449 boolean_t isv6 = B_FALSE; 7450 struct sockaddr_in *sin; 7451 struct sockaddr_in6 *sin6; 7452 STRUCT_HANDLE(lifsrcof, lifs); 7453 ip_stack_t *ipst; 7454 7455 ipst = CONNQ_TO_IPST(q); 7456 7457 ASSERT(q->q_next == NULL); 7458 7459 zoneid = Q_TO_CONN(q)->conn_zoneid; 7460 7461 /* Existence verified in ip_wput_nondata */ 7462 mp1 = mp->b_cont->b_cont; 7463 7464 /* 7465 * Must be (better be!) continuation of a TRANSPARENT 7466 * IOCTL. We just copied in the lifsrcof structure. 7467 */ 7468 STRUCT_SET_HANDLE(lifs, iocp->ioc_flag, 7469 (struct lifsrcof *)mp1->b_rptr); 7470 7471 if (MBLKL(mp1) != STRUCT_SIZE(lifs)) 7472 return (EINVAL); 7473 7474 ifindex = STRUCT_FGET(lifs, lifs_ifindex); 7475 isv6 = (Q_TO_CONN(q))->conn_family == AF_INET6; 7476 ipif = ipif_lookup_on_ifindex(ifindex, isv6, zoneid, ipst); 7477 if (ipif == NULL) { 7478 ip1dbg(("ip_sioctl_get_lifsrcof: no ipif for ifindex %d\n", 7479 ifindex)); 7480 return (ENXIO); 7481 } 7482 7483 /* Allocate a buffer to hold requested information */ 7484 numlifs = ip_get_lifsrcofnum(ipif->ipif_ill); 7485 lifs_bufsize = numlifs * sizeof (struct lifreq); 7486 lifsmaxlen = STRUCT_FGET(lifs, lifs_maxlen); 7487 /* The actual size needed is always returned in lifs_len */ 7488 STRUCT_FSET(lifs, lifs_len, lifs_bufsize); 7489 7490 /* If the amount we need is more than what is passed in, abort */ 7491 if (lifs_bufsize > lifsmaxlen || lifs_bufsize == 0) { 7492 ipif_refrele(ipif); 7493 return (0); 7494 } 7495 7496 mp1 = mi_copyout_alloc(q, mp, 7497 STRUCT_FGETP(lifs, lifs_buf), lifs_bufsize, B_FALSE); 7498 if (mp1 == NULL) { 7499 ipif_refrele(ipif); 7500 return (ENOMEM); 7501 } 7502 7503 mp1->b_wptr = mp1->b_rptr + lifs_bufsize; 7504 bzero(mp1->b_rptr, lifs_bufsize); 7505 7506 lifr = (struct lifreq *)mp1->b_rptr; 7507 7508 ill = ill_head = ipif->ipif_ill; 7509 orig_ipif = ipif; 7510 7511 /* ill_g_usesrc_lock protects ill_usesrc_grp_next */ 7512 rw_enter(&ipst->ips_ill_g_usesrc_lock, RW_READER); 7513 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 7514 7515 ill = ill->ill_usesrc_grp_next; /* start from next ill */ 7516 for (; (ill != NULL) && (ill != ill_head); 7517 ill = ill->ill_usesrc_grp_next) { 7518 7519 if ((uchar_t *)&lifr[1] > mp1->b_wptr) 7520 break; 7521 7522 ipif = ill->ill_ipif; 7523 ipif_get_name(ipif, lifr->lifr_name, sizeof (lifr->lifr_name)); 7524 if (ipif->ipif_isv6) { 7525 sin6 = (sin6_t *)&lifr->lifr_addr; 7526 *sin6 = sin6_null; 7527 sin6->sin6_family = AF_INET6; 7528 sin6->sin6_addr = ipif->ipif_v6lcl_addr; 7529 lifr->lifr_addrlen = ip_mask_to_plen_v6( 7530 &ipif->ipif_v6net_mask); 7531 } else { 7532 sin = (sin_t *)&lifr->lifr_addr; 7533 *sin = sin_null; 7534 sin->sin_family = AF_INET; 7535 sin->sin_addr.s_addr = ipif->ipif_lcl_addr; 7536 lifr->lifr_addrlen = ip_mask_to_plen( 7537 ipif->ipif_net_mask); 7538 } 7539 lifr++; 7540 } 7541 rw_exit(&ipst->ips_ill_g_lock); 7542 rw_exit(&ipst->ips_ill_g_usesrc_lock); 7543 ipif_refrele(orig_ipif); 7544 mp1->b_wptr = (uchar_t *)lifr; 7545 STRUCT_FSET(lifs, lifs_len, (int)((uchar_t *)lifr - mp1->b_rptr)); 7546 7547 return (0); 7548 } 7549 7550 /* ARGSUSED */ 7551 int 7552 ip_sioctl_get_lifconf(ipif_t *dummy_ipif, sin_t *dummy_sin, queue_t *q, 7553 mblk_t *mp, ip_ioctl_cmd_t *ipip, void *ifreq) 7554 { 7555 mblk_t *mp1; 7556 int list; 7557 ill_t *ill; 7558 ipif_t *ipif; 7559 int flags; 7560 int numlifs = 0; 7561 size_t lifc_bufsize; 7562 struct lifreq *lifr; 7563 sa_family_t family; 7564 struct sockaddr_in *sin; 7565 struct sockaddr_in6 *sin6; 7566 ill_walk_context_t ctx; 7567 struct iocblk *iocp = (struct iocblk *)mp->b_rptr; 7568 int32_t lifclen; 7569 zoneid_t zoneid; 7570 STRUCT_HANDLE(lifconf, lifc); 7571 ip_stack_t *ipst = CONNQ_TO_IPST(q); 7572 7573 ip1dbg(("ip_sioctl_get_lifconf")); 7574 7575 ASSERT(q->q_next == NULL); 7576 7577 zoneid = Q_TO_CONN(q)->conn_zoneid; 7578 7579 /* Existence verified in ip_wput_nondata */ 7580 mp1 = mp->b_cont->b_cont; 7581 7582 /* 7583 * An extended version of SIOCGIFCONF that takes an 7584 * additional address family and flags field. 7585 * AF_UNSPEC retrieve both IPv4 and IPv6. 7586 * Unless LIFC_NOXMIT is specified the IPIF_NOXMIT 7587 * interfaces are omitted. 7588 * Similarly, IPIF_TEMPORARY interfaces are omitted 7589 * unless LIFC_TEMPORARY is specified. 7590 * If LIFC_EXTERNAL_SOURCE is specified, IPIF_NOXMIT, 7591 * IPIF_NOLOCAL, PHYI_LOOPBACK, IPIF_DEPRECATED and 7592 * not IPIF_UP interfaces are omitted. LIFC_EXTERNAL_SOURCE 7593 * has priority over LIFC_NOXMIT. 7594 */ 7595 STRUCT_SET_HANDLE(lifc, iocp->ioc_flag, NULL); 7596 7597 if ((mp1->b_wptr - mp1->b_rptr) != STRUCT_SIZE(lifc)) 7598 return (EINVAL); 7599 7600 /* 7601 * Must be (better be!) continuation of a TRANSPARENT 7602 * IOCTL. We just copied in the lifconf structure. 7603 */ 7604 STRUCT_SET_HANDLE(lifc, iocp->ioc_flag, (struct lifconf *)mp1->b_rptr); 7605 7606 family = STRUCT_FGET(lifc, lifc_family); 7607 flags = STRUCT_FGET(lifc, lifc_flags); 7608 7609 switch (family) { 7610 case AF_UNSPEC: 7611 /* 7612 * walk all ILL's. 7613 */ 7614 list = MAX_G_HEADS; 7615 break; 7616 case AF_INET: 7617 /* 7618 * walk only IPV4 ILL's. 7619 */ 7620 list = IP_V4_G_HEAD; 7621 break; 7622 case AF_INET6: 7623 /* 7624 * walk only IPV6 ILL's. 7625 */ 7626 list = IP_V6_G_HEAD; 7627 break; 7628 default: 7629 return (EAFNOSUPPORT); 7630 } 7631 7632 /* 7633 * Allocate a buffer to hold requested information. 7634 * 7635 * If lifc_len is larger than what is needed, we only 7636 * allocate what we will use. 7637 * 7638 * If lifc_len is smaller than what is needed, return 7639 * EINVAL. 7640 */ 7641 numlifs = ip_get_numlifs(family, flags, zoneid, ipst); 7642 lifc_bufsize = numlifs * sizeof (struct lifreq); 7643 lifclen = STRUCT_FGET(lifc, lifc_len); 7644 if (lifc_bufsize > lifclen) { 7645 if (iocp->ioc_cmd == O_SIOCGLIFCONF) 7646 return (EINVAL); 7647 else 7648 lifc_bufsize = lifclen; 7649 } 7650 7651 mp1 = mi_copyout_alloc(q, mp, 7652 STRUCT_FGETP(lifc, lifc_buf), lifc_bufsize, B_FALSE); 7653 if (mp1 == NULL) 7654 return (ENOMEM); 7655 7656 mp1->b_wptr = mp1->b_rptr + lifc_bufsize; 7657 bzero(mp1->b_rptr, mp1->b_wptr - mp1->b_rptr); 7658 7659 lifr = (struct lifreq *)mp1->b_rptr; 7660 7661 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 7662 ill = ill_first(list, list, &ctx, ipst); 7663 for (; ill != NULL; ill = ill_next(&ctx, ill)) { 7664 if (IS_UNDER_IPMP(ill) && !(flags & LIFC_UNDER_IPMP)) 7665 continue; 7666 7667 for (ipif = ill->ill_ipif; ipif != NULL; 7668 ipif = ipif->ipif_next) { 7669 if ((ipif->ipif_flags & IPIF_NOXMIT) && 7670 !(flags & LIFC_NOXMIT)) 7671 continue; 7672 7673 if ((ipif->ipif_flags & IPIF_TEMPORARY) && 7674 !(flags & LIFC_TEMPORARY)) 7675 continue; 7676 7677 if (((ipif->ipif_flags & 7678 (IPIF_NOXMIT|IPIF_NOLOCAL| 7679 IPIF_DEPRECATED)) || 7680 IS_LOOPBACK(ill) || 7681 !(ipif->ipif_flags & IPIF_UP)) && 7682 (flags & LIFC_EXTERNAL_SOURCE)) 7683 continue; 7684 7685 if (zoneid != ipif->ipif_zoneid && 7686 ipif->ipif_zoneid != ALL_ZONES && 7687 (zoneid != GLOBAL_ZONEID || 7688 !(flags & LIFC_ALLZONES))) 7689 continue; 7690 7691 if ((uchar_t *)&lifr[1] > mp1->b_wptr) { 7692 if (iocp->ioc_cmd == O_SIOCGLIFCONF) { 7693 rw_exit(&ipst->ips_ill_g_lock); 7694 return (EINVAL); 7695 } else { 7696 goto lif_copydone; 7697 } 7698 } 7699 7700 ipif_get_name(ipif, lifr->lifr_name, 7701 sizeof (lifr->lifr_name)); 7702 lifr->lifr_type = ill->ill_type; 7703 if (ipif->ipif_isv6) { 7704 sin6 = (sin6_t *)&lifr->lifr_addr; 7705 *sin6 = sin6_null; 7706 sin6->sin6_family = AF_INET6; 7707 sin6->sin6_addr = 7708 ipif->ipif_v6lcl_addr; 7709 lifr->lifr_addrlen = 7710 ip_mask_to_plen_v6( 7711 &ipif->ipif_v6net_mask); 7712 } else { 7713 sin = (sin_t *)&lifr->lifr_addr; 7714 *sin = sin_null; 7715 sin->sin_family = AF_INET; 7716 sin->sin_addr.s_addr = 7717 ipif->ipif_lcl_addr; 7718 lifr->lifr_addrlen = 7719 ip_mask_to_plen( 7720 ipif->ipif_net_mask); 7721 } 7722 lifr++; 7723 } 7724 } 7725 lif_copydone: 7726 rw_exit(&ipst->ips_ill_g_lock); 7727 7728 mp1->b_wptr = (uchar_t *)lifr; 7729 if (STRUCT_BUF(lifc) != NULL) { 7730 STRUCT_FSET(lifc, lifc_len, 7731 (int)((uchar_t *)lifr - mp1->b_rptr)); 7732 } 7733 return (0); 7734 } 7735 7736 static void 7737 ip_sioctl_ip6addrpolicy(queue_t *q, mblk_t *mp) 7738 { 7739 ip6_asp_t *table; 7740 size_t table_size; 7741 mblk_t *data_mp; 7742 struct iocblk *iocp = (struct iocblk *)mp->b_rptr; 7743 ip_stack_t *ipst; 7744 7745 if (q->q_next == NULL) 7746 ipst = CONNQ_TO_IPST(q); 7747 else 7748 ipst = ILLQ_TO_IPST(q); 7749 7750 /* These two ioctls are I_STR only */ 7751 if (iocp->ioc_count == TRANSPARENT) { 7752 miocnak(q, mp, 0, EINVAL); 7753 return; 7754 } 7755 7756 data_mp = mp->b_cont; 7757 if (data_mp == NULL) { 7758 /* The user passed us a NULL argument */ 7759 table = NULL; 7760 table_size = iocp->ioc_count; 7761 } else { 7762 /* 7763 * The user provided a table. The stream head 7764 * may have copied in the user data in chunks, 7765 * so make sure everything is pulled up 7766 * properly. 7767 */ 7768 if (MBLKL(data_mp) < iocp->ioc_count) { 7769 mblk_t *new_data_mp; 7770 if ((new_data_mp = msgpullup(data_mp, -1)) == 7771 NULL) { 7772 miocnak(q, mp, 0, ENOMEM); 7773 return; 7774 } 7775 freemsg(data_mp); 7776 data_mp = new_data_mp; 7777 mp->b_cont = data_mp; 7778 } 7779 table = (ip6_asp_t *)data_mp->b_rptr; 7780 table_size = iocp->ioc_count; 7781 } 7782 7783 switch (iocp->ioc_cmd) { 7784 case SIOCGIP6ADDRPOLICY: 7785 iocp->ioc_rval = ip6_asp_get(table, table_size, ipst); 7786 if (iocp->ioc_rval == -1) 7787 iocp->ioc_error = EINVAL; 7788 #if defined(_SYSCALL32_IMPL) && _LONG_LONG_ALIGNMENT_32 == 4 7789 else if (table != NULL && 7790 (iocp->ioc_flag & IOC_MODELS) == IOC_ILP32) { 7791 ip6_asp_t *src = table; 7792 ip6_asp32_t *dst = (void *)table; 7793 int count = table_size / sizeof (ip6_asp_t); 7794 int i; 7795 7796 /* 7797 * We need to do an in-place shrink of the array 7798 * to match the alignment attributes of the 7799 * 32-bit ABI looking at it. 7800 */ 7801 /* LINTED: logical expression always true: op "||" */ 7802 ASSERT(sizeof (*src) > sizeof (*dst)); 7803 for (i = 1; i < count; i++) 7804 bcopy(src + i, dst + i, sizeof (*dst)); 7805 } 7806 #endif 7807 break; 7808 7809 case SIOCSIP6ADDRPOLICY: 7810 ASSERT(mp->b_prev == NULL); 7811 mp->b_prev = (void *)q; 7812 #if defined(_SYSCALL32_IMPL) && _LONG_LONG_ALIGNMENT_32 == 4 7813 /* 7814 * We pass in the datamodel here so that the ip6_asp_replace() 7815 * routine can handle converting from 32-bit to native formats 7816 * where necessary. 7817 * 7818 * A better way to handle this might be to convert the inbound 7819 * data structure here, and hang it off a new 'mp'; thus the 7820 * ip6_asp_replace() logic would always be dealing with native 7821 * format data structures.. 7822 * 7823 * (An even simpler way to handle these ioctls is to just 7824 * add a 32-bit trailing 'pad' field to the ip6_asp_t structure 7825 * and just recompile everything that depends on it.) 7826 */ 7827 #endif 7828 ip6_asp_replace(mp, table, table_size, B_FALSE, ipst, 7829 iocp->ioc_flag & IOC_MODELS); 7830 return; 7831 } 7832 7833 DB_TYPE(mp) = (iocp->ioc_error == 0) ? M_IOCACK : M_IOCNAK; 7834 qreply(q, mp); 7835 } 7836 7837 static void 7838 ip_sioctl_dstinfo(queue_t *q, mblk_t *mp) 7839 { 7840 mblk_t *data_mp; 7841 struct dstinforeq *dir; 7842 uint8_t *end, *cur; 7843 in6_addr_t *daddr, *saddr; 7844 ipaddr_t v4daddr; 7845 ire_t *ire; 7846 ipaddr_t v4setsrc; 7847 in6_addr_t v6setsrc; 7848 char *slabel, *dlabel; 7849 boolean_t isipv4; 7850 int match_ire; 7851 ill_t *dst_ill; 7852 struct iocblk *iocp = (struct iocblk *)mp->b_rptr; 7853 conn_t *connp = Q_TO_CONN(q); 7854 zoneid_t zoneid = IPCL_ZONEID(connp); 7855 ip_stack_t *ipst = connp->conn_netstack->netstack_ip; 7856 uint64_t ipif_flags; 7857 7858 ASSERT(q->q_next == NULL); /* this ioctl not allowed if ip is module */ 7859 7860 /* 7861 * This ioctl is I_STR only, and must have a 7862 * data mblk following the M_IOCTL mblk. 7863 */ 7864 data_mp = mp->b_cont; 7865 if (iocp->ioc_count == TRANSPARENT || data_mp == NULL) { 7866 miocnak(q, mp, 0, EINVAL); 7867 return; 7868 } 7869 7870 if (MBLKL(data_mp) < iocp->ioc_count) { 7871 mblk_t *new_data_mp; 7872 7873 if ((new_data_mp = msgpullup(data_mp, -1)) == NULL) { 7874 miocnak(q, mp, 0, ENOMEM); 7875 return; 7876 } 7877 freemsg(data_mp); 7878 data_mp = new_data_mp; 7879 mp->b_cont = data_mp; 7880 } 7881 match_ire = MATCH_IRE_DSTONLY; 7882 7883 for (cur = data_mp->b_rptr, end = data_mp->b_wptr; 7884 end - cur >= sizeof (struct dstinforeq); 7885 cur += sizeof (struct dstinforeq)) { 7886 dir = (struct dstinforeq *)cur; 7887 daddr = &dir->dir_daddr; 7888 saddr = &dir->dir_saddr; 7889 7890 /* 7891 * ip_addr_scope_v6() and ip6_asp_lookup() handle 7892 * v4 mapped addresses; ire_ftable_lookup_v6() 7893 * and ip_select_source_v6() do not. 7894 */ 7895 dir->dir_dscope = ip_addr_scope_v6(daddr); 7896 dlabel = ip6_asp_lookup(daddr, &dir->dir_precedence, ipst); 7897 7898 isipv4 = IN6_IS_ADDR_V4MAPPED(daddr); 7899 if (isipv4) { 7900 IN6_V4MAPPED_TO_IPADDR(daddr, v4daddr); 7901 v4setsrc = INADDR_ANY; 7902 ire = ire_route_recursive_v4(v4daddr, 0, NULL, zoneid, 7903 NULL, match_ire, IRR_ALLOCATE, 0, ipst, &v4setsrc, 7904 NULL, NULL); 7905 } else { 7906 v6setsrc = ipv6_all_zeros; 7907 ire = ire_route_recursive_v6(daddr, 0, NULL, zoneid, 7908 NULL, match_ire, IRR_ALLOCATE, 0, ipst, &v6setsrc, 7909 NULL, NULL); 7910 } 7911 ASSERT(ire != NULL); 7912 if (ire->ire_flags & (RTF_REJECT|RTF_BLACKHOLE)) { 7913 ire_refrele(ire); 7914 dir->dir_dreachable = 0; 7915 7916 /* move on to next dst addr */ 7917 continue; 7918 } 7919 dir->dir_dreachable = 1; 7920 7921 dst_ill = ire_nexthop_ill(ire); 7922 if (dst_ill == NULL) { 7923 ire_refrele(ire); 7924 continue; 7925 } 7926 7927 /* With ipmp we most likely look at the ipmp ill here */ 7928 dir->dir_dmactype = dst_ill->ill_mactype; 7929 7930 if (isipv4) { 7931 ipaddr_t v4saddr; 7932 7933 if (ip_select_source_v4(dst_ill, v4setsrc, v4daddr, 7934 connp->conn_ixa->ixa_multicast_ifaddr, zoneid, ipst, 7935 &v4saddr, NULL, &ipif_flags) != 0) { 7936 v4saddr = INADDR_ANY; 7937 ipif_flags = 0; 7938 } 7939 IN6_IPADDR_TO_V4MAPPED(v4saddr, saddr); 7940 } else { 7941 if (ip_select_source_v6(dst_ill, &v6setsrc, daddr, 7942 zoneid, ipst, B_FALSE, IPV6_PREFER_SRC_DEFAULT, 7943 saddr, NULL, &ipif_flags) != 0) { 7944 *saddr = ipv6_all_zeros; 7945 ipif_flags = 0; 7946 } 7947 } 7948 7949 dir->dir_sscope = ip_addr_scope_v6(saddr); 7950 slabel = ip6_asp_lookup(saddr, NULL, ipst); 7951 dir->dir_labelmatch = ip6_asp_labelcmp(dlabel, slabel); 7952 dir->dir_sdeprecated = (ipif_flags & IPIF_DEPRECATED) ? 1 : 0; 7953 ire_refrele(ire); 7954 ill_refrele(dst_ill); 7955 } 7956 miocack(q, mp, iocp->ioc_count, 0); 7957 } 7958 7959 /* 7960 * Check if this is an address assigned to this machine. 7961 * Skips interfaces that are down by using ire checks. 7962 * Translates mapped addresses to v4 addresses and then 7963 * treats them as such, returning true if the v4 address 7964 * associated with this mapped address is configured. 7965 * Note: Applications will have to be careful what they do 7966 * with the response; use of mapped addresses limits 7967 * what can be done with the socket, especially with 7968 * respect to socket options and ioctls - neither IPv4 7969 * options nor IPv6 sticky options/ancillary data options 7970 * may be used. 7971 */ 7972 /* ARGSUSED */ 7973 int 7974 ip_sioctl_tmyaddr(ipif_t *dummy_ipif, sin_t *dummy_sin, queue_t *q, mblk_t *mp, 7975 ip_ioctl_cmd_t *ipip, void *dummy_ifreq) 7976 { 7977 struct sioc_addrreq *sia; 7978 sin_t *sin; 7979 ire_t *ire; 7980 mblk_t *mp1; 7981 zoneid_t zoneid; 7982 ip_stack_t *ipst; 7983 7984 ip1dbg(("ip_sioctl_tmyaddr")); 7985 7986 ASSERT(q->q_next == NULL); /* this ioctl not allowed if ip is module */ 7987 zoneid = Q_TO_CONN(q)->conn_zoneid; 7988 ipst = CONNQ_TO_IPST(q); 7989 7990 /* Existence verified in ip_wput_nondata */ 7991 mp1 = mp->b_cont->b_cont; 7992 sia = (struct sioc_addrreq *)mp1->b_rptr; 7993 sin = (sin_t *)&sia->sa_addr; 7994 switch (sin->sin_family) { 7995 case AF_INET6: { 7996 sin6_t *sin6 = (sin6_t *)sin; 7997 7998 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { 7999 ipaddr_t v4_addr; 8000 8001 IN6_V4MAPPED_TO_IPADDR(&sin6->sin6_addr, 8002 v4_addr); 8003 ire = ire_ftable_lookup_v4(v4_addr, 0, 0, 8004 IRE_LOCAL|IRE_LOOPBACK, NULL, zoneid, NULL, 8005 MATCH_IRE_TYPE | MATCH_IRE_ZONEONLY, 0, ipst, NULL); 8006 } else { 8007 in6_addr_t v6addr; 8008 8009 v6addr = sin6->sin6_addr; 8010 ire = ire_ftable_lookup_v6(&v6addr, 0, 0, 8011 IRE_LOCAL|IRE_LOOPBACK, NULL, zoneid, NULL, 8012 MATCH_IRE_TYPE | MATCH_IRE_ZONEONLY, 0, ipst, NULL); 8013 } 8014 break; 8015 } 8016 case AF_INET: { 8017 ipaddr_t v4addr; 8018 8019 v4addr = sin->sin_addr.s_addr; 8020 ire = ire_ftable_lookup_v4(v4addr, 0, 0, 8021 IRE_LOCAL|IRE_LOOPBACK, NULL, zoneid, 8022 NULL, MATCH_IRE_TYPE | MATCH_IRE_ZONEONLY, 0, ipst, NULL); 8023 break; 8024 } 8025 default: 8026 return (EAFNOSUPPORT); 8027 } 8028 if (ire != NULL) { 8029 sia->sa_res = 1; 8030 ire_refrele(ire); 8031 } else { 8032 sia->sa_res = 0; 8033 } 8034 return (0); 8035 } 8036 8037 /* 8038 * Check if this is an address assigned on-link i.e. neighbor, 8039 * and makes sure it's reachable from the current zone. 8040 * Returns true for my addresses as well. 8041 * Translates mapped addresses to v4 addresses and then 8042 * treats them as such, returning true if the v4 address 8043 * associated with this mapped address is configured. 8044 * Note: Applications will have to be careful what they do 8045 * with the response; use of mapped addresses limits 8046 * what can be done with the socket, especially with 8047 * respect to socket options and ioctls - neither IPv4 8048 * options nor IPv6 sticky options/ancillary data options 8049 * may be used. 8050 */ 8051 /* ARGSUSED */ 8052 int 8053 ip_sioctl_tonlink(ipif_t *dummy_ipif, sin_t *dummy_sin, queue_t *q, mblk_t *mp, 8054 ip_ioctl_cmd_t *ipip, void *duymmy_ifreq) 8055 { 8056 struct sioc_addrreq *sia; 8057 sin_t *sin; 8058 mblk_t *mp1; 8059 ire_t *ire = NULL; 8060 zoneid_t zoneid; 8061 ip_stack_t *ipst; 8062 8063 ip1dbg(("ip_sioctl_tonlink")); 8064 8065 ASSERT(q->q_next == NULL); /* this ioctl not allowed if ip is module */ 8066 zoneid = Q_TO_CONN(q)->conn_zoneid; 8067 ipst = CONNQ_TO_IPST(q); 8068 8069 /* Existence verified in ip_wput_nondata */ 8070 mp1 = mp->b_cont->b_cont; 8071 sia = (struct sioc_addrreq *)mp1->b_rptr; 8072 sin = (sin_t *)&sia->sa_addr; 8073 8074 /* 8075 * We check for IRE_ONLINK and exclude IRE_BROADCAST|IRE_MULTICAST 8076 * to make sure we only look at on-link unicast address. 8077 */ 8078 switch (sin->sin_family) { 8079 case AF_INET6: { 8080 sin6_t *sin6 = (sin6_t *)sin; 8081 8082 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { 8083 ipaddr_t v4_addr; 8084 8085 IN6_V4MAPPED_TO_IPADDR(&sin6->sin6_addr, 8086 v4_addr); 8087 if (!CLASSD(v4_addr)) { 8088 ire = ire_ftable_lookup_v4(v4_addr, 0, 0, 0, 8089 NULL, zoneid, NULL, MATCH_IRE_DSTONLY, 8090 0, ipst, NULL); 8091 } 8092 } else { 8093 in6_addr_t v6addr; 8094 8095 v6addr = sin6->sin6_addr; 8096 if (!IN6_IS_ADDR_MULTICAST(&v6addr)) { 8097 ire = ire_ftable_lookup_v6(&v6addr, 0, 0, 0, 8098 NULL, zoneid, NULL, MATCH_IRE_DSTONLY, 0, 8099 ipst, NULL); 8100 } 8101 } 8102 break; 8103 } 8104 case AF_INET: { 8105 ipaddr_t v4addr; 8106 8107 v4addr = sin->sin_addr.s_addr; 8108 if (!CLASSD(v4addr)) { 8109 ire = ire_ftable_lookup_v4(v4addr, 0, 0, 0, NULL, 8110 zoneid, NULL, MATCH_IRE_DSTONLY, 0, ipst, NULL); 8111 } 8112 break; 8113 } 8114 default: 8115 return (EAFNOSUPPORT); 8116 } 8117 sia->sa_res = 0; 8118 if (ire != NULL) { 8119 ASSERT(!(ire->ire_type & IRE_MULTICAST)); 8120 8121 if ((ire->ire_type & IRE_ONLINK) && 8122 !(ire->ire_type & IRE_BROADCAST)) 8123 sia->sa_res = 1; 8124 ire_refrele(ire); 8125 } 8126 return (0); 8127 } 8128 8129 /* 8130 * TBD: implement when kernel maintaines a list of site prefixes. 8131 */ 8132 /* ARGSUSED */ 8133 int 8134 ip_sioctl_tmysite(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 8135 ip_ioctl_cmd_t *ipip, void *ifreq) 8136 { 8137 return (ENXIO); 8138 } 8139 8140 /* ARP IOCTLs. */ 8141 /* ARGSUSED */ 8142 int 8143 ip_sioctl_arp(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 8144 ip_ioctl_cmd_t *ipip, void *dummy_ifreq) 8145 { 8146 int err; 8147 ipaddr_t ipaddr; 8148 struct iocblk *iocp; 8149 conn_t *connp; 8150 struct arpreq *ar; 8151 struct xarpreq *xar; 8152 int arp_flags, flags, alength; 8153 uchar_t *lladdr; 8154 ip_stack_t *ipst; 8155 ill_t *ill = ipif->ipif_ill; 8156 ill_t *proxy_ill = NULL; 8157 ipmp_arpent_t *entp = NULL; 8158 boolean_t proxyarp = B_FALSE; 8159 boolean_t if_arp_ioctl = B_FALSE; 8160 ncec_t *ncec = NULL; 8161 nce_t *nce; 8162 8163 ASSERT(!(q->q_flag & QREADR) && q->q_next == NULL); 8164 connp = Q_TO_CONN(q); 8165 ipst = connp->conn_netstack->netstack_ip; 8166 iocp = (struct iocblk *)mp->b_rptr; 8167 8168 if (ipip->ipi_cmd_type == XARP_CMD) { 8169 /* We have a chain - M_IOCTL-->MI_COPY_MBLK-->XARPREQ_MBLK */ 8170 xar = (struct xarpreq *)mp->b_cont->b_cont->b_rptr; 8171 ar = NULL; 8172 8173 arp_flags = xar->xarp_flags; 8174 lladdr = (uchar_t *)LLADDR(&xar->xarp_ha); 8175 if_arp_ioctl = (xar->xarp_ha.sdl_nlen != 0); 8176 /* 8177 * Validate against user's link layer address length 8178 * input and name and addr length limits. 8179 */ 8180 alength = ill->ill_phys_addr_length; 8181 if (ipip->ipi_cmd == SIOCSXARP) { 8182 if (alength != xar->xarp_ha.sdl_alen || 8183 (alength + xar->xarp_ha.sdl_nlen > 8184 sizeof (xar->xarp_ha.sdl_data))) 8185 return (EINVAL); 8186 } 8187 } else { 8188 /* We have a chain - M_IOCTL-->MI_COPY_MBLK-->ARPREQ_MBLK */ 8189 ar = (struct arpreq *)mp->b_cont->b_cont->b_rptr; 8190 xar = NULL; 8191 8192 arp_flags = ar->arp_flags; 8193 lladdr = (uchar_t *)ar->arp_ha.sa_data; 8194 /* 8195 * Theoretically, the sa_family could tell us what link 8196 * layer type this operation is trying to deal with. By 8197 * common usage AF_UNSPEC means ethernet. We'll assume 8198 * any attempt to use the SIOC?ARP ioctls is for ethernet, 8199 * for now. Our new SIOC*XARP ioctls can be used more 8200 * generally. 8201 * 8202 * If the underlying media happens to have a non 6 byte 8203 * address, arp module will fail set/get, but the del 8204 * operation will succeed. 8205 */ 8206 alength = 6; 8207 if ((ipip->ipi_cmd != SIOCDARP) && 8208 (alength != ill->ill_phys_addr_length)) { 8209 return (EINVAL); 8210 } 8211 } 8212 8213 /* Translate ATF* flags to NCE* flags */ 8214 flags = 0; 8215 if (arp_flags & ATF_AUTHORITY) 8216 flags |= NCE_F_AUTHORITY; 8217 if (arp_flags & ATF_PERM) 8218 flags |= NCE_F_NONUD; /* not subject to aging */ 8219 if (arp_flags & ATF_PUBL) 8220 flags |= NCE_F_PUBLISH; 8221 8222 /* 8223 * IPMP ARP special handling: 8224 * 8225 * 1. Since ARP mappings must appear consistent across the group, 8226 * prohibit changing ARP mappings on the underlying interfaces. 8227 * 8228 * 2. Since ARP mappings for IPMP data addresses are maintained by 8229 * IP itself, prohibit changing them. 8230 * 8231 * 3. For proxy ARP, use a functioning hardware address in the group, 8232 * provided one exists. If one doesn't, just add the entry as-is; 8233 * ipmp_illgrp_refresh_arpent() will refresh it if things change. 8234 */ 8235 if (IS_UNDER_IPMP(ill)) { 8236 if (ipip->ipi_cmd != SIOCGARP && ipip->ipi_cmd != SIOCGXARP) 8237 return (EPERM); 8238 } 8239 if (IS_IPMP(ill)) { 8240 ipmp_illgrp_t *illg = ill->ill_grp; 8241 8242 switch (ipip->ipi_cmd) { 8243 case SIOCSARP: 8244 case SIOCSXARP: 8245 proxy_ill = ipmp_illgrp_find_ill(illg, lladdr, alength); 8246 if (proxy_ill != NULL) { 8247 proxyarp = B_TRUE; 8248 if (!ipmp_ill_is_active(proxy_ill)) 8249 proxy_ill = ipmp_illgrp_next_ill(illg); 8250 if (proxy_ill != NULL) 8251 lladdr = proxy_ill->ill_phys_addr; 8252 } 8253 /* FALLTHRU */ 8254 } 8255 } 8256 8257 ipaddr = sin->sin_addr.s_addr; 8258 /* 8259 * don't match across illgrp per case (1) and (2). 8260 * XXX use IS_IPMP(ill) like ndp_sioc_update? 8261 */ 8262 nce = nce_lookup_v4(ill, &ipaddr); 8263 if (nce != NULL) 8264 ncec = nce->nce_common; 8265 8266 switch (iocp->ioc_cmd) { 8267 case SIOCDARP: 8268 case SIOCDXARP: { 8269 /* 8270 * Delete the NCE if any. 8271 */ 8272 if (ncec == NULL) { 8273 iocp->ioc_error = ENXIO; 8274 break; 8275 } 8276 /* Don't allow changes to arp mappings of local addresses. */ 8277 if (NCE_MYADDR(ncec)) { 8278 nce_refrele(nce); 8279 return (ENOTSUP); 8280 } 8281 iocp->ioc_error = 0; 8282 8283 /* 8284 * Delete the nce_common which has ncec_ill set to ipmp_ill. 8285 * This will delete all the nce entries on the under_ills. 8286 */ 8287 ncec_delete(ncec); 8288 /* 8289 * Once the NCE has been deleted, then the ire_dep* consistency 8290 * mechanism will find any IRE which depended on the now 8291 * condemned NCE (as part of sending packets). 8292 * That mechanism handles redirects by deleting redirects 8293 * that refer to UNREACHABLE nces. 8294 */ 8295 break; 8296 } 8297 case SIOCGARP: 8298 case SIOCGXARP: 8299 if (ncec != NULL) { 8300 lladdr = ncec->ncec_lladdr; 8301 flags = ncec->ncec_flags; 8302 iocp->ioc_error = 0; 8303 ip_sioctl_garp_reply(mp, ncec->ncec_ill, lladdr, flags); 8304 } else { 8305 iocp->ioc_error = ENXIO; 8306 } 8307 break; 8308 case SIOCSARP: 8309 case SIOCSXARP: 8310 /* Don't allow changes to arp mappings of local addresses. */ 8311 if (ncec != NULL && NCE_MYADDR(ncec)) { 8312 nce_refrele(nce); 8313 return (ENOTSUP); 8314 } 8315 8316 /* static arp entries will undergo NUD if ATF_PERM is not set */ 8317 flags |= NCE_F_STATIC; 8318 if (!if_arp_ioctl) { 8319 ip_nce_lookup_and_update(&ipaddr, NULL, ipst, 8320 lladdr, alength, flags); 8321 } else { 8322 ipif_t *ipif = ipif_get_next_ipif(NULL, ill); 8323 if (ipif != NULL) { 8324 ip_nce_lookup_and_update(&ipaddr, ipif, ipst, 8325 lladdr, alength, flags); 8326 ipif_refrele(ipif); 8327 } 8328 } 8329 if (nce != NULL) { 8330 nce_refrele(nce); 8331 nce = NULL; 8332 } 8333 /* 8334 * NCE_F_STATIC entries will be added in state ND_REACHABLE 8335 * by nce_add_common() 8336 */ 8337 err = nce_lookup_then_add_v4(ill, lladdr, 8338 ill->ill_phys_addr_length, &ipaddr, flags, ND_UNCHANGED, 8339 &nce); 8340 if (err == EEXIST) { 8341 ncec = nce->nce_common; 8342 mutex_enter(&ncec->ncec_lock); 8343 ncec->ncec_state = ND_REACHABLE; 8344 ncec->ncec_flags = flags; 8345 nce_update(ncec, ND_UNCHANGED, lladdr); 8346 mutex_exit(&ncec->ncec_lock); 8347 err = 0; 8348 } 8349 if (nce != NULL) { 8350 nce_refrele(nce); 8351 nce = NULL; 8352 } 8353 if (IS_IPMP(ill) && err == 0) { 8354 entp = ipmp_illgrp_create_arpent(ill->ill_grp, 8355 proxyarp, ipaddr, lladdr, ill->ill_phys_addr_length, 8356 flags); 8357 if (entp == NULL || (proxyarp && proxy_ill == NULL)) { 8358 iocp->ioc_error = (entp == NULL ? ENOMEM : 0); 8359 break; 8360 } 8361 } 8362 iocp->ioc_error = err; 8363 } 8364 8365 if (nce != NULL) { 8366 nce_refrele(nce); 8367 } 8368 8369 /* 8370 * If we created an IPMP ARP entry, mark that we've notified ARP. 8371 */ 8372 if (entp != NULL) 8373 ipmp_illgrp_mark_arpent(ill->ill_grp, entp); 8374 8375 return (iocp->ioc_error); 8376 } 8377 8378 /* 8379 * Parse an [x]arpreq structure coming down SIOC[GSD][X]ARP ioctls, identify 8380 * the associated sin and refhold and return the associated ipif via `ci'. 8381 */ 8382 int 8383 ip_extract_arpreq(queue_t *q, mblk_t *mp, const ip_ioctl_cmd_t *ipip, 8384 cmd_info_t *ci) 8385 { 8386 mblk_t *mp1; 8387 sin_t *sin; 8388 conn_t *connp; 8389 ipif_t *ipif; 8390 ire_t *ire = NULL; 8391 ill_t *ill = NULL; 8392 boolean_t exists; 8393 ip_stack_t *ipst; 8394 struct arpreq *ar; 8395 struct xarpreq *xar; 8396 struct sockaddr_dl *sdl; 8397 8398 /* ioctl comes down on a conn */ 8399 ASSERT(!(q->q_flag & QREADR) && q->q_next == NULL); 8400 connp = Q_TO_CONN(q); 8401 if (connp->conn_family == AF_INET6) 8402 return (ENXIO); 8403 8404 ipst = connp->conn_netstack->netstack_ip; 8405 8406 /* Verified in ip_wput_nondata */ 8407 mp1 = mp->b_cont->b_cont; 8408 8409 if (ipip->ipi_cmd_type == XARP_CMD) { 8410 ASSERT(MBLKL(mp1) >= sizeof (struct xarpreq)); 8411 xar = (struct xarpreq *)mp1->b_rptr; 8412 sin = (sin_t *)&xar->xarp_pa; 8413 sdl = &xar->xarp_ha; 8414 8415 if (sdl->sdl_family != AF_LINK || sin->sin_family != AF_INET) 8416 return (ENXIO); 8417 if (sdl->sdl_nlen >= LIFNAMSIZ) 8418 return (EINVAL); 8419 } else { 8420 ASSERT(ipip->ipi_cmd_type == ARP_CMD); 8421 ASSERT(MBLKL(mp1) >= sizeof (struct arpreq)); 8422 ar = (struct arpreq *)mp1->b_rptr; 8423 sin = (sin_t *)&ar->arp_pa; 8424 } 8425 8426 if (ipip->ipi_cmd_type == XARP_CMD && sdl->sdl_nlen != 0) { 8427 ipif = ipif_lookup_on_name(sdl->sdl_data, sdl->sdl_nlen, 8428 B_FALSE, &exists, B_FALSE, ALL_ZONES, ipst); 8429 if (ipif == NULL) 8430 return (ENXIO); 8431 if (ipif->ipif_id != 0) { 8432 ipif_refrele(ipif); 8433 return (ENXIO); 8434 } 8435 } else { 8436 /* 8437 * Either an SIOC[DGS]ARP or an SIOC[DGS]XARP with an sdl_nlen 8438 * of 0: use the IP address to find the ipif. If the IP 8439 * address is an IPMP test address, ire_ftable_lookup() will 8440 * find the wrong ill, so we first do an ipif_lookup_addr(). 8441 */ 8442 ipif = ipif_lookup_addr(sin->sin_addr.s_addr, NULL, ALL_ZONES, 8443 ipst); 8444 if (ipif == NULL) { 8445 ire = ire_ftable_lookup_v4(sin->sin_addr.s_addr, 8446 0, 0, IRE_IF_RESOLVER, NULL, ALL_ZONES, 8447 NULL, MATCH_IRE_TYPE, 0, ipst, NULL); 8448 if (ire == NULL || ((ill = ire->ire_ill) == NULL)) { 8449 if (ire != NULL) 8450 ire_refrele(ire); 8451 return (ENXIO); 8452 } 8453 ASSERT(ire != NULL && ill != NULL); 8454 ipif = ill->ill_ipif; 8455 ipif_refhold(ipif); 8456 ire_refrele(ire); 8457 } 8458 } 8459 8460 if (ipif->ipif_ill->ill_net_type != IRE_IF_RESOLVER) { 8461 ipif_refrele(ipif); 8462 return (ENXIO); 8463 } 8464 8465 ci->ci_sin = sin; 8466 ci->ci_ipif = ipif; 8467 return (0); 8468 } 8469 8470 /* 8471 * Link or unlink the illgrp on IPMP meta-interface `ill' depending on the 8472 * value of `ioccmd'. While an illgrp is linked to an ipmp_grp_t, it is 8473 * accessible from that ipmp_grp_t, which means SIOCSLIFGROUPNAME can look it 8474 * up and thus an ill can join that illgrp. 8475 * 8476 * We use I_PLINK/I_PUNLINK to do the link/unlink operations rather than 8477 * open()/close() primarily because close() is not allowed to fail or block 8478 * forever. On the other hand, I_PUNLINK *can* fail, and there's no reason 8479 * why anyone should ever need to I_PUNLINK an in-use IPMP stream. To ensure 8480 * symmetric behavior (e.g., doing an I_PLINK after and I_PUNLINK undoes the 8481 * I_PUNLINK) we defer linking to I_PLINK. Separately, we also fail attempts 8482 * to I_LINK since I_UNLINK is optional and we'd end up in an inconsistent 8483 * state if I_UNLINK didn't occur. 8484 * 8485 * Note that for each plumb/unplumb operation, we may end up here more than 8486 * once because of the way ifconfig works. However, it's OK to link the same 8487 * illgrp more than once, or unlink an illgrp that's already unlinked. 8488 */ 8489 static int 8490 ip_sioctl_plink_ipmp(ill_t *ill, int ioccmd) 8491 { 8492 int err; 8493 ip_stack_t *ipst = ill->ill_ipst; 8494 8495 ASSERT(IS_IPMP(ill)); 8496 ASSERT(IAM_WRITER_ILL(ill)); 8497 8498 switch (ioccmd) { 8499 case I_LINK: 8500 return (ENOTSUP); 8501 8502 case I_PLINK: 8503 rw_enter(&ipst->ips_ipmp_lock, RW_WRITER); 8504 ipmp_illgrp_link_grp(ill->ill_grp, ill->ill_phyint->phyint_grp); 8505 rw_exit(&ipst->ips_ipmp_lock); 8506 break; 8507 8508 case I_PUNLINK: 8509 /* 8510 * Require all UP ipifs be brought down prior to unlinking the 8511 * illgrp so any associated IREs (and other state) is torched. 8512 */ 8513 if (ill->ill_ipif_up_count + ill->ill_ipif_dup_count > 0) 8514 return (EBUSY); 8515 8516 /* 8517 * NOTE: We hold ipmp_lock across the unlink to prevent a race 8518 * with an SIOCSLIFGROUPNAME request from an ill trying to 8519 * join this group. Specifically: ills trying to join grab 8520 * ipmp_lock and bump a "pending join" counter checked by 8521 * ipmp_illgrp_unlink_grp(). During the unlink no new pending 8522 * joins can occur (since we have ipmp_lock). Once we drop 8523 * ipmp_lock, subsequent SIOCSLIFGROUPNAME requests will not 8524 * find the illgrp (since we unlinked it) and will return 8525 * EAFNOSUPPORT. This will then take them back through the 8526 * IPMP meta-interface plumbing logic in ifconfig, and thus 8527 * back through I_PLINK above. 8528 */ 8529 rw_enter(&ipst->ips_ipmp_lock, RW_WRITER); 8530 err = ipmp_illgrp_unlink_grp(ill->ill_grp); 8531 rw_exit(&ipst->ips_ipmp_lock); 8532 return (err); 8533 default: 8534 break; 8535 } 8536 return (0); 8537 } 8538 8539 /* 8540 * Do I_PLINK/I_LINK or I_PUNLINK/I_UNLINK with consistency checks and also 8541 * atomically set/clear the muxids. Also complete the ioctl by acking or 8542 * naking it. Note that the code is structured such that the link type, 8543 * whether it's persistent or not, is treated equally. ifconfig(1M) and 8544 * its clones use the persistent link, while pppd(1M) and perhaps many 8545 * other daemons may use non-persistent link. When combined with some 8546 * ill_t states, linking and unlinking lower streams may be used as 8547 * indicators of dynamic re-plumbing events [see PSARC/1999/348]. 8548 */ 8549 /* ARGSUSED */ 8550 void 8551 ip_sioctl_plink(ipsq_t *ipsq, queue_t *q, mblk_t *mp, void *dummy_arg) 8552 { 8553 mblk_t *mp1; 8554 struct linkblk *li; 8555 int ioccmd = ((struct iocblk *)mp->b_rptr)->ioc_cmd; 8556 int err = 0; 8557 8558 ASSERT(ioccmd == I_PLINK || ioccmd == I_PUNLINK || 8559 ioccmd == I_LINK || ioccmd == I_UNLINK); 8560 8561 mp1 = mp->b_cont; /* This is the linkblk info */ 8562 li = (struct linkblk *)mp1->b_rptr; 8563 8564 err = ip_sioctl_plink_ipmod(ipsq, q, mp, ioccmd, li); 8565 if (err == EINPROGRESS) 8566 return; 8567 if (err == 0) 8568 miocack(q, mp, 0, 0); 8569 else 8570 miocnak(q, mp, 0, err); 8571 8572 /* Conn was refheld in ip_sioctl_copyin_setup */ 8573 if (CONN_Q(q)) { 8574 CONN_DEC_IOCTLREF(Q_TO_CONN(q)); 8575 CONN_OPER_PENDING_DONE(Q_TO_CONN(q)); 8576 } 8577 } 8578 8579 /* 8580 * Process I_{P}LINK and I_{P}UNLINK requests named by `ioccmd' and pointed to 8581 * by `mp' and `li' for the IP module stream (if li->q_bot is in fact an IP 8582 * module stream). 8583 * Returns zero on success, EINPROGRESS if the operation is still pending, or 8584 * an error code on failure. 8585 */ 8586 static int 8587 ip_sioctl_plink_ipmod(ipsq_t *ipsq, queue_t *q, mblk_t *mp, int ioccmd, 8588 struct linkblk *li) 8589 { 8590 int err = 0; 8591 ill_t *ill; 8592 queue_t *ipwq, *dwq; 8593 const char *name; 8594 struct qinit *qinfo; 8595 boolean_t islink = (ioccmd == I_PLINK || ioccmd == I_LINK); 8596 boolean_t entered_ipsq = B_FALSE; 8597 boolean_t is_ip = B_FALSE; 8598 arl_t *arl; 8599 8600 /* 8601 * Walk the lower stream to verify it's the IP module stream. 8602 * The IP module is identified by its name, wput function, 8603 * and non-NULL q_next. STREAMS ensures that the lower stream 8604 * (li->l_qbot) will not vanish until this ioctl completes. 8605 */ 8606 for (ipwq = li->l_qbot; ipwq != NULL; ipwq = ipwq->q_next) { 8607 qinfo = ipwq->q_qinfo; 8608 name = qinfo->qi_minfo->mi_idname; 8609 if (name != NULL && strcmp(name, ip_mod_info.mi_idname) == 0 && 8610 qinfo->qi_putp != (pfi_t)ip_lwput && ipwq->q_next != NULL) { 8611 is_ip = B_TRUE; 8612 break; 8613 } 8614 if (name != NULL && strcmp(name, arp_mod_info.mi_idname) == 0 && 8615 qinfo->qi_putp != (pfi_t)ip_lwput && ipwq->q_next != NULL) { 8616 break; 8617 } 8618 } 8619 8620 /* 8621 * If this isn't an IP module stream, bail. 8622 */ 8623 if (ipwq == NULL) 8624 return (0); 8625 8626 if (!is_ip) { 8627 arl = (arl_t *)ipwq->q_ptr; 8628 ill = arl_to_ill(arl); 8629 if (ill == NULL) 8630 return (0); 8631 } else { 8632 ill = ipwq->q_ptr; 8633 } 8634 ASSERT(ill != NULL); 8635 8636 if (ipsq == NULL) { 8637 ipsq = ipsq_try_enter(NULL, ill, q, mp, ip_sioctl_plink, 8638 NEW_OP, B_FALSE); 8639 if (ipsq == NULL) { 8640 if (!is_ip) 8641 ill_refrele(ill); 8642 return (EINPROGRESS); 8643 } 8644 entered_ipsq = B_TRUE; 8645 } 8646 ASSERT(IAM_WRITER_ILL(ill)); 8647 mutex_enter(&ill->ill_lock); 8648 if (!is_ip) { 8649 if (islink && ill->ill_muxid == 0) { 8650 /* 8651 * Plumbing has to be done with IP plumbed first, arp 8652 * second, but here we have arp being plumbed first. 8653 */ 8654 mutex_exit(&ill->ill_lock); 8655 if (entered_ipsq) 8656 ipsq_exit(ipsq); 8657 ill_refrele(ill); 8658 return (EINVAL); 8659 } 8660 } 8661 mutex_exit(&ill->ill_lock); 8662 if (!is_ip) { 8663 arl->arl_muxid = islink ? li->l_index : 0; 8664 ill_refrele(ill); 8665 goto done; 8666 } 8667 8668 if (IS_IPMP(ill) && (err = ip_sioctl_plink_ipmp(ill, ioccmd)) != 0) 8669 goto done; 8670 8671 /* 8672 * As part of I_{P}LINKing, stash the number of downstream modules and 8673 * the read queue of the module immediately below IP in the ill. 8674 * These are used during the capability negotiation below. 8675 */ 8676 ill->ill_lmod_rq = NULL; 8677 ill->ill_lmod_cnt = 0; 8678 if (islink && ((dwq = ipwq->q_next) != NULL)) { 8679 ill->ill_lmod_rq = RD(dwq); 8680 for (; dwq != NULL; dwq = dwq->q_next) 8681 ill->ill_lmod_cnt++; 8682 } 8683 8684 ill->ill_muxid = islink ? li->l_index : 0; 8685 8686 /* 8687 * Mark the ipsq busy until the capability operations initiated below 8688 * complete. The PLINK/UNLINK ioctl itself completes when our caller 8689 * returns, but the capability operation may complete asynchronously 8690 * much later. 8691 */ 8692 ipsq_current_start(ipsq, ill->ill_ipif, ioccmd); 8693 /* 8694 * If there's at least one up ipif on this ill, then we're bound to 8695 * the underlying driver via DLPI. In that case, renegotiate 8696 * capabilities to account for any possible change in modules 8697 * interposed between IP and the driver. 8698 */ 8699 if (ill->ill_ipif_up_count > 0) { 8700 if (islink) 8701 ill_capability_probe(ill); 8702 else 8703 ill_capability_reset(ill, B_FALSE); 8704 } 8705 ipsq_current_finish(ipsq); 8706 done: 8707 if (entered_ipsq) 8708 ipsq_exit(ipsq); 8709 8710 return (err); 8711 } 8712 8713 /* 8714 * Search the ioctl command in the ioctl tables and return a pointer 8715 * to the ioctl command information. The ioctl command tables are 8716 * static and fully populated at compile time. 8717 */ 8718 ip_ioctl_cmd_t * 8719 ip_sioctl_lookup(int ioc_cmd) 8720 { 8721 int index; 8722 ip_ioctl_cmd_t *ipip; 8723 ip_ioctl_cmd_t *ipip_end; 8724 8725 if (ioc_cmd == IPI_DONTCARE) 8726 return (NULL); 8727 8728 /* 8729 * Do a 2 step search. First search the indexed table 8730 * based on the least significant byte of the ioctl cmd. 8731 * If we don't find a match, then search the misc table 8732 * serially. 8733 */ 8734 index = ioc_cmd & 0xFF; 8735 if (index < ip_ndx_ioctl_count) { 8736 ipip = &ip_ndx_ioctl_table[index]; 8737 if (ipip->ipi_cmd == ioc_cmd) { 8738 /* Found a match in the ndx table */ 8739 return (ipip); 8740 } 8741 } 8742 8743 /* Search the misc table */ 8744 ipip_end = &ip_misc_ioctl_table[ip_misc_ioctl_count]; 8745 for (ipip = ip_misc_ioctl_table; ipip < ipip_end; ipip++) { 8746 if (ipip->ipi_cmd == ioc_cmd) 8747 /* Found a match in the misc table */ 8748 return (ipip); 8749 } 8750 8751 return (NULL); 8752 } 8753 8754 /* 8755 * helper function for ip_sioctl_getsetprop(), which does some sanity checks 8756 */ 8757 static boolean_t 8758 getset_ioctl_checks(mblk_t *mp) 8759 { 8760 struct iocblk *iocp = (struct iocblk *)mp->b_rptr; 8761 mblk_t *mp1 = mp->b_cont; 8762 mod_ioc_prop_t *pioc; 8763 uint_t flags; 8764 uint_t pioc_size; 8765 8766 /* do sanity checks on various arguments */ 8767 if (mp1 == NULL || iocp->ioc_count == 0 || 8768 iocp->ioc_count == TRANSPARENT) { 8769 return (B_FALSE); 8770 } 8771 if (msgdsize(mp1) < iocp->ioc_count) { 8772 if (!pullupmsg(mp1, iocp->ioc_count)) 8773 return (B_FALSE); 8774 } 8775 8776 pioc = (mod_ioc_prop_t *)mp1->b_rptr; 8777 8778 /* sanity checks on mpr_valsize */ 8779 pioc_size = sizeof (mod_ioc_prop_t); 8780 if (pioc->mpr_valsize != 0) 8781 pioc_size += pioc->mpr_valsize - 1; 8782 8783 if (iocp->ioc_count != pioc_size) 8784 return (B_FALSE); 8785 8786 flags = pioc->mpr_flags; 8787 if (iocp->ioc_cmd == SIOCSETPROP) { 8788 /* 8789 * One can either reset the value to it's default value or 8790 * change the current value or append/remove the value from 8791 * a multi-valued properties. 8792 */ 8793 if ((flags & MOD_PROP_DEFAULT) != MOD_PROP_DEFAULT && 8794 flags != MOD_PROP_ACTIVE && 8795 flags != (MOD_PROP_ACTIVE|MOD_PROP_APPEND) && 8796 flags != (MOD_PROP_ACTIVE|MOD_PROP_REMOVE)) 8797 return (B_FALSE); 8798 } else { 8799 ASSERT(iocp->ioc_cmd == SIOCGETPROP); 8800 8801 /* 8802 * One can retrieve only one kind of property information 8803 * at a time. 8804 */ 8805 if ((flags & MOD_PROP_ACTIVE) != MOD_PROP_ACTIVE && 8806 (flags & MOD_PROP_DEFAULT) != MOD_PROP_DEFAULT && 8807 (flags & MOD_PROP_POSSIBLE) != MOD_PROP_POSSIBLE && 8808 (flags & MOD_PROP_PERM) != MOD_PROP_PERM) 8809 return (B_FALSE); 8810 } 8811 8812 return (B_TRUE); 8813 } 8814 8815 /* 8816 * process the SIOC{SET|GET}PROP ioctl's 8817 */ 8818 /* ARGSUSED */ 8819 static void 8820 ip_sioctl_getsetprop(queue_t *q, mblk_t *mp) 8821 { 8822 struct iocblk *iocp = (struct iocblk *)mp->b_rptr; 8823 mblk_t *mp1 = mp->b_cont; 8824 mod_ioc_prop_t *pioc; 8825 mod_prop_info_t *ptbl = NULL, *pinfo = NULL; 8826 ip_stack_t *ipst; 8827 icmp_stack_t *is; 8828 tcp_stack_t *tcps; 8829 sctp_stack_t *sctps; 8830 udp_stack_t *us; 8831 netstack_t *stack; 8832 void *cbarg; 8833 cred_t *cr; 8834 boolean_t set; 8835 int err; 8836 8837 ASSERT(q->q_next == NULL); 8838 ASSERT(CONN_Q(q)); 8839 8840 if (!getset_ioctl_checks(mp)) { 8841 miocnak(q, mp, 0, EINVAL); 8842 return; 8843 } 8844 ipst = CONNQ_TO_IPST(q); 8845 stack = ipst->ips_netstack; 8846 pioc = (mod_ioc_prop_t *)mp1->b_rptr; 8847 8848 switch (pioc->mpr_proto) { 8849 case MOD_PROTO_IP: 8850 case MOD_PROTO_IPV4: 8851 case MOD_PROTO_IPV6: 8852 ptbl = ipst->ips_propinfo_tbl; 8853 cbarg = ipst; 8854 break; 8855 case MOD_PROTO_RAWIP: 8856 is = stack->netstack_icmp; 8857 ptbl = is->is_propinfo_tbl; 8858 cbarg = is; 8859 break; 8860 case MOD_PROTO_TCP: 8861 tcps = stack->netstack_tcp; 8862 ptbl = tcps->tcps_propinfo_tbl; 8863 cbarg = tcps; 8864 break; 8865 case MOD_PROTO_UDP: 8866 us = stack->netstack_udp; 8867 ptbl = us->us_propinfo_tbl; 8868 cbarg = us; 8869 break; 8870 case MOD_PROTO_SCTP: 8871 sctps = stack->netstack_sctp; 8872 ptbl = sctps->sctps_propinfo_tbl; 8873 cbarg = sctps; 8874 break; 8875 default: 8876 miocnak(q, mp, 0, EINVAL); 8877 return; 8878 } 8879 8880 /* search for given property in respective protocol propinfo table */ 8881 for (pinfo = ptbl; pinfo->mpi_name != NULL; pinfo++) { 8882 if (strcmp(pinfo->mpi_name, pioc->mpr_name) == 0 && 8883 pinfo->mpi_proto == pioc->mpr_proto) 8884 break; 8885 } 8886 if (pinfo->mpi_name == NULL) { 8887 miocnak(q, mp, 0, ENOENT); 8888 return; 8889 } 8890 8891 set = (iocp->ioc_cmd == SIOCSETPROP) ? B_TRUE : B_FALSE; 8892 if (set && pinfo->mpi_setf != NULL) { 8893 cr = msg_getcred(mp, NULL); 8894 if (cr == NULL) 8895 cr = iocp->ioc_cr; 8896 err = pinfo->mpi_setf(cbarg, cr, pinfo, pioc->mpr_ifname, 8897 pioc->mpr_val, pioc->mpr_flags); 8898 } else if (!set && pinfo->mpi_getf != NULL) { 8899 err = pinfo->mpi_getf(cbarg, pinfo, pioc->mpr_ifname, 8900 pioc->mpr_val, pioc->mpr_valsize, pioc->mpr_flags); 8901 } else { 8902 err = EPERM; 8903 } 8904 8905 if (err != 0) { 8906 miocnak(q, mp, 0, err); 8907 } else { 8908 if (set) 8909 miocack(q, mp, 0, 0); 8910 else /* For get, we need to return back the data */ 8911 miocack(q, mp, iocp->ioc_count, 0); 8912 } 8913 } 8914 8915 /* 8916 * process the legacy ND_GET, ND_SET ioctl just for {ip|ip6}_forwarding 8917 * as several routing daemons have unfortunately used this 'unpublished' 8918 * but well-known ioctls. 8919 */ 8920 /* ARGSUSED */ 8921 static void 8922 ip_process_legacy_nddprop(queue_t *q, mblk_t *mp) 8923 { 8924 struct iocblk *iocp = (struct iocblk *)mp->b_rptr; 8925 mblk_t *mp1 = mp->b_cont; 8926 char *pname, *pval, *buf; 8927 uint_t bufsize, proto; 8928 mod_prop_info_t *ptbl = NULL, *pinfo = NULL; 8929 ip_stack_t *ipst; 8930 int err = 0; 8931 8932 ASSERT(CONN_Q(q)); 8933 ipst = CONNQ_TO_IPST(q); 8934 8935 if (iocp->ioc_count == 0 || mp1 == NULL) { 8936 miocnak(q, mp, 0, EINVAL); 8937 return; 8938 } 8939 8940 mp1->b_datap->db_lim[-1] = '\0'; /* Force null termination */ 8941 pval = buf = pname = (char *)mp1->b_rptr; 8942 bufsize = MBLKL(mp1); 8943 8944 if (strcmp(pname, "ip_forwarding") == 0) { 8945 pname = "forwarding"; 8946 proto = MOD_PROTO_IPV4; 8947 } else if (strcmp(pname, "ip6_forwarding") == 0) { 8948 pname = "forwarding"; 8949 proto = MOD_PROTO_IPV6; 8950 } else { 8951 miocnak(q, mp, 0, EINVAL); 8952 return; 8953 } 8954 8955 ptbl = ipst->ips_propinfo_tbl; 8956 for (pinfo = ptbl; pinfo->mpi_name != NULL; pinfo++) { 8957 if (strcmp(pinfo->mpi_name, pname) == 0 && 8958 pinfo->mpi_proto == proto) 8959 break; 8960 } 8961 8962 ASSERT(pinfo->mpi_name != NULL); 8963 8964 switch (iocp->ioc_cmd) { 8965 case ND_GET: 8966 if ((err = pinfo->mpi_getf(ipst, pinfo, NULL, buf, bufsize, 8967 0)) == 0) { 8968 miocack(q, mp, iocp->ioc_count, 0); 8969 return; 8970 } 8971 break; 8972 case ND_SET: 8973 /* 8974 * buffer will have property name and value in the following 8975 * format, 8976 * <property name>'\0'<property value>'\0', extract them; 8977 */ 8978 while (*pval++) 8979 noop; 8980 8981 if (!*pval || pval >= (char *)mp1->b_wptr) { 8982 err = EINVAL; 8983 } else if ((err = pinfo->mpi_setf(ipst, NULL, pinfo, NULL, 8984 pval, 0)) == 0) { 8985 miocack(q, mp, 0, 0); 8986 return; 8987 } 8988 break; 8989 default: 8990 err = EINVAL; 8991 break; 8992 } 8993 miocnak(q, mp, 0, err); 8994 } 8995 8996 /* 8997 * Wrapper function for resuming deferred ioctl processing 8998 * Used for SIOCGDSTINFO, SIOCGIP6ADDRPOLICY, SIOCGMSFILTER, 8999 * SIOCSMSFILTER, SIOCGIPMSFILTER, and SIOCSIPMSFILTER currently. 9000 */ 9001 /* ARGSUSED */ 9002 void 9003 ip_sioctl_copyin_resume(ipsq_t *dummy_ipsq, queue_t *q, mblk_t *mp, 9004 void *dummy_arg) 9005 { 9006 ip_sioctl_copyin_setup(q, mp); 9007 } 9008 9009 /* 9010 * ip_sioctl_copyin_setup is called by ip_wput_nondata with any M_IOCTL message 9011 * that arrives. Most of the IOCTLs are "socket" IOCTLs which we handle 9012 * in either I_STR or TRANSPARENT form, using the mi_copy facility. 9013 * We establish here the size of the block to be copied in. mi_copyin 9014 * arranges for this to happen, an processing continues in ip_wput_nondata with 9015 * an M_IOCDATA message. 9016 */ 9017 void 9018 ip_sioctl_copyin_setup(queue_t *q, mblk_t *mp) 9019 { 9020 int copyin_size; 9021 struct iocblk *iocp = (struct iocblk *)mp->b_rptr; 9022 ip_ioctl_cmd_t *ipip; 9023 cred_t *cr; 9024 ip_stack_t *ipst; 9025 9026 if (CONN_Q(q)) 9027 ipst = CONNQ_TO_IPST(q); 9028 else 9029 ipst = ILLQ_TO_IPST(q); 9030 9031 ipip = ip_sioctl_lookup(iocp->ioc_cmd); 9032 if (ipip == NULL) { 9033 /* 9034 * The ioctl is not one we understand or own. 9035 * Pass it along to be processed down stream, 9036 * if this is a module instance of IP, else nak 9037 * the ioctl. 9038 */ 9039 if (q->q_next == NULL) { 9040 goto nak; 9041 } else { 9042 putnext(q, mp); 9043 return; 9044 } 9045 } 9046 9047 /* 9048 * If this is deferred, then we will do all the checks when we 9049 * come back. 9050 */ 9051 if ((iocp->ioc_cmd == SIOCGDSTINFO || 9052 iocp->ioc_cmd == SIOCGIP6ADDRPOLICY) && !ip6_asp_can_lookup(ipst)) { 9053 ip6_asp_pending_op(q, mp, ip_sioctl_copyin_resume); 9054 return; 9055 } 9056 9057 /* 9058 * Only allow a very small subset of IP ioctls on this stream if 9059 * IP is a module and not a driver. Allowing ioctls to be processed 9060 * in this case may cause assert failures or data corruption. 9061 * Typically G[L]IFFLAGS, SLIFNAME/IF_UNITSEL are the only few 9062 * ioctls allowed on an IP module stream, after which this stream 9063 * normally becomes a multiplexor (at which time the stream head 9064 * will fail all ioctls). 9065 */ 9066 if ((q->q_next != NULL) && !(ipip->ipi_flags & IPI_MODOK)) { 9067 goto nak; 9068 } 9069 9070 /* Make sure we have ioctl data to process. */ 9071 if (mp->b_cont == NULL && !(ipip->ipi_flags & IPI_NULL_BCONT)) 9072 goto nak; 9073 9074 /* 9075 * Prefer dblk credential over ioctl credential; some synthesized 9076 * ioctls have kcred set because there's no way to crhold() 9077 * a credential in some contexts. (ioc_cr is not crfree() by 9078 * the framework; the caller of ioctl needs to hold the reference 9079 * for the duration of the call). 9080 */ 9081 cr = msg_getcred(mp, NULL); 9082 if (cr == NULL) 9083 cr = iocp->ioc_cr; 9084 9085 /* Make sure normal users don't send down privileged ioctls */ 9086 if ((ipip->ipi_flags & IPI_PRIV) && 9087 (cr != NULL) && secpolicy_ip_config(cr, B_TRUE) != 0) { 9088 /* We checked the privilege earlier but log it here */ 9089 miocnak(q, mp, 0, secpolicy_ip_config(cr, B_FALSE)); 9090 return; 9091 } 9092 9093 /* 9094 * The ioctl command tables can only encode fixed length 9095 * ioctl data. If the length is variable, the table will 9096 * encode the length as zero. Such special cases are handled 9097 * below in the switch. 9098 */ 9099 if (ipip->ipi_copyin_size != 0) { 9100 mi_copyin(q, mp, NULL, ipip->ipi_copyin_size); 9101 return; 9102 } 9103 9104 switch (iocp->ioc_cmd) { 9105 case O_SIOCGIFCONF: 9106 case SIOCGIFCONF: 9107 /* 9108 * This IOCTL is hilarious. See comments in 9109 * ip_sioctl_get_ifconf for the story. 9110 */ 9111 if (iocp->ioc_count == TRANSPARENT) 9112 copyin_size = SIZEOF_STRUCT(ifconf, 9113 iocp->ioc_flag); 9114 else 9115 copyin_size = iocp->ioc_count; 9116 mi_copyin(q, mp, NULL, copyin_size); 9117 return; 9118 9119 case O_SIOCGLIFCONF: 9120 case SIOCGLIFCONF: 9121 copyin_size = SIZEOF_STRUCT(lifconf, iocp->ioc_flag); 9122 mi_copyin(q, mp, NULL, copyin_size); 9123 return; 9124 9125 case SIOCGLIFSRCOF: 9126 copyin_size = SIZEOF_STRUCT(lifsrcof, iocp->ioc_flag); 9127 mi_copyin(q, mp, NULL, copyin_size); 9128 return; 9129 9130 case SIOCGIP6ADDRPOLICY: 9131 ip_sioctl_ip6addrpolicy(q, mp); 9132 ip6_asp_table_refrele(ipst); 9133 return; 9134 9135 case SIOCSIP6ADDRPOLICY: 9136 ip_sioctl_ip6addrpolicy(q, mp); 9137 return; 9138 9139 case SIOCGDSTINFO: 9140 ip_sioctl_dstinfo(q, mp); 9141 ip6_asp_table_refrele(ipst); 9142 return; 9143 9144 case ND_SET: 9145 case ND_GET: 9146 ip_process_legacy_nddprop(q, mp); 9147 return; 9148 9149 case SIOCSETPROP: 9150 case SIOCGETPROP: 9151 ip_sioctl_getsetprop(q, mp); 9152 return; 9153 9154 case I_PLINK: 9155 case I_PUNLINK: 9156 case I_LINK: 9157 case I_UNLINK: 9158 /* 9159 * We treat non-persistent link similarly as the persistent 9160 * link case, in terms of plumbing/unplumbing, as well as 9161 * dynamic re-plumbing events indicator. See comments 9162 * in ip_sioctl_plink() for more. 9163 * 9164 * Request can be enqueued in the 'ipsq' while waiting 9165 * to become exclusive. So bump up the conn ref. 9166 */ 9167 if (CONN_Q(q)) { 9168 CONN_INC_REF(Q_TO_CONN(q)); 9169 CONN_INC_IOCTLREF(Q_TO_CONN(q)) 9170 } 9171 ip_sioctl_plink(NULL, q, mp, NULL); 9172 return; 9173 9174 case IP_IOCTL: 9175 ip_wput_ioctl(q, mp); 9176 return; 9177 9178 case SIOCILB: 9179 /* The ioctl length varies depending on the ILB command. */ 9180 copyin_size = iocp->ioc_count; 9181 if (copyin_size < sizeof (ilb_cmd_t)) 9182 goto nak; 9183 mi_copyin(q, mp, NULL, copyin_size); 9184 return; 9185 9186 default: 9187 cmn_err(CE_PANIC, "should not happen "); 9188 } 9189 nak: 9190 if (mp->b_cont != NULL) { 9191 freemsg(mp->b_cont); 9192 mp->b_cont = NULL; 9193 } 9194 iocp->ioc_error = EINVAL; 9195 mp->b_datap->db_type = M_IOCNAK; 9196 iocp->ioc_count = 0; 9197 qreply(q, mp); 9198 } 9199 9200 static void 9201 ip_sioctl_garp_reply(mblk_t *mp, ill_t *ill, void *hwaddr, int flags) 9202 { 9203 struct arpreq *ar; 9204 struct xarpreq *xar; 9205 mblk_t *tmp; 9206 struct iocblk *iocp; 9207 int x_arp_ioctl = B_FALSE; 9208 int *flagsp; 9209 char *storage = NULL; 9210 9211 ASSERT(ill != NULL); 9212 9213 iocp = (struct iocblk *)mp->b_rptr; 9214 ASSERT(iocp->ioc_cmd == SIOCGXARP || iocp->ioc_cmd == SIOCGARP); 9215 9216 tmp = (mp->b_cont)->b_cont; /* xarpreq/arpreq */ 9217 if ((iocp->ioc_cmd == SIOCGXARP) || 9218 (iocp->ioc_cmd == SIOCSXARP)) { 9219 x_arp_ioctl = B_TRUE; 9220 xar = (struct xarpreq *)tmp->b_rptr; 9221 flagsp = &xar->xarp_flags; 9222 storage = xar->xarp_ha.sdl_data; 9223 } else { 9224 ar = (struct arpreq *)tmp->b_rptr; 9225 flagsp = &ar->arp_flags; 9226 storage = ar->arp_ha.sa_data; 9227 } 9228 9229 /* 9230 * We're done if this is not an SIOCG{X}ARP 9231 */ 9232 if (x_arp_ioctl) { 9233 storage += ill_xarp_info(&xar->xarp_ha, ill); 9234 if ((ill->ill_phys_addr_length + ill->ill_name_length) > 9235 sizeof (xar->xarp_ha.sdl_data)) { 9236 iocp->ioc_error = EINVAL; 9237 return; 9238 } 9239 } 9240 *flagsp = ATF_INUSE; 9241 /* 9242 * If /sbin/arp told us we are the authority using the "permanent" 9243 * flag, or if this is one of my addresses print "permanent" 9244 * in the /sbin/arp output. 9245 */ 9246 if ((flags & NCE_F_MYADDR) || (flags & NCE_F_AUTHORITY)) 9247 *flagsp |= ATF_AUTHORITY; 9248 if (flags & NCE_F_NONUD) 9249 *flagsp |= ATF_PERM; /* not subject to aging */ 9250 if (flags & NCE_F_PUBLISH) 9251 *flagsp |= ATF_PUBL; 9252 if (hwaddr != NULL) { 9253 *flagsp |= ATF_COM; 9254 bcopy((char *)hwaddr, storage, ill->ill_phys_addr_length); 9255 } 9256 } 9257 9258 /* 9259 * Create a new logical interface. If ipif_id is zero (i.e. not a logical 9260 * interface) create the next available logical interface for this 9261 * physical interface. 9262 * If ipif is NULL (i.e. the lookup didn't find one) attempt to create an 9263 * ipif with the specified name. 9264 * 9265 * If the address family is not AF_UNSPEC then set the address as well. 9266 * 9267 * If ip_sioctl_addr returns EINPROGRESS then the ioctl (the copyout) 9268 * is completed when the DL_BIND_ACK arrive in ip_rput_dlpi_writer. 9269 * 9270 * Executed as a writer on the ill. 9271 * So no lock is needed to traverse the ipif chain, or examine the 9272 * phyint flags. 9273 */ 9274 /* ARGSUSED */ 9275 int 9276 ip_sioctl_addif(ipif_t *dummy_ipif, sin_t *dummy_sin, queue_t *q, mblk_t *mp, 9277 ip_ioctl_cmd_t *dummy_ipip, void *dummy_ifreq) 9278 { 9279 mblk_t *mp1; 9280 struct lifreq *lifr; 9281 boolean_t isv6; 9282 boolean_t exists; 9283 char *name; 9284 char *endp; 9285 char *cp; 9286 int namelen; 9287 ipif_t *ipif; 9288 long id; 9289 ipsq_t *ipsq; 9290 ill_t *ill; 9291 sin_t *sin; 9292 int err = 0; 9293 boolean_t found_sep = B_FALSE; 9294 conn_t *connp; 9295 zoneid_t zoneid; 9296 ip_stack_t *ipst = CONNQ_TO_IPST(q); 9297 9298 ASSERT(q->q_next == NULL); 9299 ip1dbg(("ip_sioctl_addif\n")); 9300 /* Existence of mp1 has been checked in ip_wput_nondata */ 9301 mp1 = mp->b_cont->b_cont; 9302 /* 9303 * Null terminate the string to protect against buffer 9304 * overrun. String was generated by user code and may not 9305 * be trusted. 9306 */ 9307 lifr = (struct lifreq *)mp1->b_rptr; 9308 lifr->lifr_name[LIFNAMSIZ - 1] = '\0'; 9309 name = lifr->lifr_name; 9310 ASSERT(CONN_Q(q)); 9311 connp = Q_TO_CONN(q); 9312 isv6 = (connp->conn_family == AF_INET6); 9313 zoneid = connp->conn_zoneid; 9314 namelen = mi_strlen(name); 9315 if (namelen == 0) 9316 return (EINVAL); 9317 9318 exists = B_FALSE; 9319 if ((namelen + 1 == sizeof (ipif_loopback_name)) && 9320 (mi_strcmp(name, ipif_loopback_name) == 0)) { 9321 /* 9322 * Allow creating lo0 using SIOCLIFADDIF. 9323 * can't be any other writer thread. So can pass null below 9324 * for the last 4 args to ipif_lookup_name. 9325 */ 9326 ipif = ipif_lookup_on_name(lifr->lifr_name, namelen, B_TRUE, 9327 &exists, isv6, zoneid, ipst); 9328 /* Prevent any further action */ 9329 if (ipif == NULL) { 9330 return (ENOBUFS); 9331 } else if (!exists) { 9332 /* We created the ipif now and as writer */ 9333 ipif_refrele(ipif); 9334 return (0); 9335 } else { 9336 ill = ipif->ipif_ill; 9337 ill_refhold(ill); 9338 ipif_refrele(ipif); 9339 } 9340 } else { 9341 /* Look for a colon in the name. */ 9342 endp = &name[namelen]; 9343 for (cp = endp; --cp > name; ) { 9344 if (*cp == IPIF_SEPARATOR_CHAR) { 9345 found_sep = B_TRUE; 9346 /* 9347 * Reject any non-decimal aliases for plumbing 9348 * of logical interfaces. Aliases with leading 9349 * zeroes are also rejected as they introduce 9350 * ambiguity in the naming of the interfaces. 9351 * Comparing with "0" takes care of all such 9352 * cases. 9353 */ 9354 if ((strncmp("0", cp+1, 1)) == 0) 9355 return (EINVAL); 9356 9357 if (ddi_strtol(cp+1, &endp, 10, &id) != 0 || 9358 id <= 0 || *endp != '\0') { 9359 return (EINVAL); 9360 } 9361 *cp = '\0'; 9362 break; 9363 } 9364 } 9365 ill = ill_lookup_on_name(name, B_FALSE, isv6, NULL, ipst); 9366 if (found_sep) 9367 *cp = IPIF_SEPARATOR_CHAR; 9368 if (ill == NULL) 9369 return (ENXIO); 9370 } 9371 9372 ipsq = ipsq_try_enter(NULL, ill, q, mp, ip_process_ioctl, NEW_OP, 9373 B_TRUE); 9374 9375 /* 9376 * Release the refhold due to the lookup, now that we are excl 9377 * or we are just returning 9378 */ 9379 ill_refrele(ill); 9380 9381 if (ipsq == NULL) 9382 return (EINPROGRESS); 9383 9384 /* We are now exclusive on the IPSQ */ 9385 ASSERT(IAM_WRITER_ILL(ill)); 9386 9387 if (found_sep) { 9388 /* Now see if there is an IPIF with this unit number. */ 9389 for (ipif = ill->ill_ipif; ipif != NULL; 9390 ipif = ipif->ipif_next) { 9391 if (ipif->ipif_id == id) { 9392 err = EEXIST; 9393 goto done; 9394 } 9395 } 9396 } 9397 9398 /* 9399 * We use IRE_LOCAL for lo0:1 etc. for "receive only" use 9400 * of lo0. Plumbing for lo0:0 happens in ipif_lookup_on_name() 9401 * instead. 9402 */ 9403 if ((ipif = ipif_allocate(ill, found_sep ? id : -1, IRE_LOCAL, 9404 B_TRUE, B_TRUE, &err)) == NULL) { 9405 goto done; 9406 } 9407 9408 /* Return created name with ioctl */ 9409 (void) sprintf(lifr->lifr_name, "%s%c%d", ill->ill_name, 9410 IPIF_SEPARATOR_CHAR, ipif->ipif_id); 9411 ip1dbg(("created %s\n", lifr->lifr_name)); 9412 9413 /* Set address */ 9414 sin = (sin_t *)&lifr->lifr_addr; 9415 if (sin->sin_family != AF_UNSPEC) { 9416 err = ip_sioctl_addr(ipif, sin, q, mp, 9417 &ip_ndx_ioctl_table[SIOCLIFADDR_NDX], lifr); 9418 } 9419 9420 done: 9421 ipsq_exit(ipsq); 9422 return (err); 9423 } 9424 9425 /* 9426 * Remove an existing logical interface. If ipif_id is zero (i.e. not a logical 9427 * interface) delete it based on the IP address (on this physical interface). 9428 * Otherwise delete it based on the ipif_id. 9429 * Also, special handling to allow a removeif of lo0. 9430 */ 9431 /* ARGSUSED */ 9432 int 9433 ip_sioctl_removeif(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 9434 ip_ioctl_cmd_t *ipip, void *dummy_if_req) 9435 { 9436 conn_t *connp; 9437 ill_t *ill = ipif->ipif_ill; 9438 boolean_t success; 9439 ip_stack_t *ipst; 9440 9441 ipst = CONNQ_TO_IPST(q); 9442 9443 ASSERT(q->q_next == NULL); 9444 ip1dbg(("ip_sioctl_remove_if(%s:%u %p)\n", 9445 ill->ill_name, ipif->ipif_id, (void *)ipif)); 9446 ASSERT(IAM_WRITER_IPIF(ipif)); 9447 9448 connp = Q_TO_CONN(q); 9449 /* 9450 * Special case for unplumbing lo0 (the loopback physical interface). 9451 * If unplumbing lo0, the incoming address structure has been 9452 * initialized to all zeros. When unplumbing lo0, all its logical 9453 * interfaces must be removed too. 9454 * 9455 * Note that this interface may be called to remove a specific 9456 * loopback logical interface (eg, lo0:1). But in that case 9457 * ipif->ipif_id != 0 so that the code path for that case is the 9458 * same as any other interface (meaning it skips the code directly 9459 * below). 9460 */ 9461 if (ipif->ipif_id == 0 && ill->ill_net_type == IRE_LOOPBACK) { 9462 if (sin->sin_family == AF_UNSPEC && 9463 (IN6_IS_ADDR_UNSPECIFIED(&((sin6_t *)sin)->sin6_addr))) { 9464 /* 9465 * Mark it condemned. No new ref. will be made to ill. 9466 */ 9467 mutex_enter(&ill->ill_lock); 9468 ill->ill_state_flags |= ILL_CONDEMNED; 9469 for (ipif = ill->ill_ipif; ipif != NULL; 9470 ipif = ipif->ipif_next) { 9471 ipif->ipif_state_flags |= IPIF_CONDEMNED; 9472 } 9473 mutex_exit(&ill->ill_lock); 9474 9475 ipif = ill->ill_ipif; 9476 /* unplumb the loopback interface */ 9477 ill_delete(ill); 9478 mutex_enter(&connp->conn_lock); 9479 mutex_enter(&ill->ill_lock); 9480 9481 /* Are any references to this ill active */ 9482 if (ill_is_freeable(ill)) { 9483 mutex_exit(&ill->ill_lock); 9484 mutex_exit(&connp->conn_lock); 9485 ill_delete_tail(ill); 9486 mi_free(ill); 9487 return (0); 9488 } 9489 success = ipsq_pending_mp_add(connp, ipif, 9490 CONNP_TO_WQ(connp), mp, ILL_FREE); 9491 mutex_exit(&connp->conn_lock); 9492 mutex_exit(&ill->ill_lock); 9493 if (success) 9494 return (EINPROGRESS); 9495 else 9496 return (EINTR); 9497 } 9498 } 9499 9500 if (ipif->ipif_id == 0) { 9501 ipsq_t *ipsq; 9502 9503 /* Find based on address */ 9504 if (ipif->ipif_isv6) { 9505 sin6_t *sin6; 9506 9507 if (sin->sin_family != AF_INET6) 9508 return (EAFNOSUPPORT); 9509 9510 sin6 = (sin6_t *)sin; 9511 /* We are a writer, so we should be able to lookup */ 9512 ipif = ipif_lookup_addr_exact_v6(&sin6->sin6_addr, ill, 9513 ipst); 9514 } else { 9515 if (sin->sin_family != AF_INET) 9516 return (EAFNOSUPPORT); 9517 9518 /* We are a writer, so we should be able to lookup */ 9519 ipif = ipif_lookup_addr_exact(sin->sin_addr.s_addr, ill, 9520 ipst); 9521 } 9522 if (ipif == NULL) { 9523 return (EADDRNOTAVAIL); 9524 } 9525 9526 /* 9527 * It is possible for a user to send an SIOCLIFREMOVEIF with 9528 * lifr_name of the physical interface but with an ip address 9529 * lifr_addr of a logical interface plumbed over it. 9530 * So update ipx_current_ipif now that ipif points to the 9531 * correct one. 9532 */ 9533 ipsq = ipif->ipif_ill->ill_phyint->phyint_ipsq; 9534 ipsq->ipsq_xop->ipx_current_ipif = ipif; 9535 9536 /* This is a writer */ 9537 ipif_refrele(ipif); 9538 } 9539 9540 /* 9541 * Can not delete instance zero since it is tied to the ill. 9542 */ 9543 if (ipif->ipif_id == 0) 9544 return (EBUSY); 9545 9546 mutex_enter(&ill->ill_lock); 9547 ipif->ipif_state_flags |= IPIF_CONDEMNED; 9548 mutex_exit(&ill->ill_lock); 9549 9550 ipif_free(ipif); 9551 9552 mutex_enter(&connp->conn_lock); 9553 mutex_enter(&ill->ill_lock); 9554 9555 /* Are any references to this ipif active */ 9556 if (ipif_is_freeable(ipif)) { 9557 mutex_exit(&ill->ill_lock); 9558 mutex_exit(&connp->conn_lock); 9559 ipif_non_duplicate(ipif); 9560 (void) ipif_down_tail(ipif); 9561 ipif_free_tail(ipif); /* frees ipif */ 9562 return (0); 9563 } 9564 success = ipsq_pending_mp_add(connp, ipif, CONNP_TO_WQ(connp), mp, 9565 IPIF_FREE); 9566 mutex_exit(&ill->ill_lock); 9567 mutex_exit(&connp->conn_lock); 9568 if (success) 9569 return (EINPROGRESS); 9570 else 9571 return (EINTR); 9572 } 9573 9574 /* 9575 * Restart the removeif ioctl. The refcnt has gone down to 0. 9576 * The ipif is already condemned. So can't find it thru lookups. 9577 */ 9578 /* ARGSUSED */ 9579 int 9580 ip_sioctl_removeif_restart(ipif_t *ipif, sin_t *dummy_sin, queue_t *q, 9581 mblk_t *mp, ip_ioctl_cmd_t *ipip, void *dummy_if_req) 9582 { 9583 ill_t *ill = ipif->ipif_ill; 9584 9585 ASSERT(IAM_WRITER_IPIF(ipif)); 9586 ASSERT(ipif->ipif_state_flags & IPIF_CONDEMNED); 9587 9588 ip1dbg(("ip_sioctl_removeif_restart(%s:%u %p)\n", 9589 ill->ill_name, ipif->ipif_id, (void *)ipif)); 9590 9591 if (ipif->ipif_id == 0 && ill->ill_net_type == IRE_LOOPBACK) { 9592 ASSERT(ill->ill_state_flags & ILL_CONDEMNED); 9593 ill_delete_tail(ill); 9594 mi_free(ill); 9595 return (0); 9596 } 9597 9598 ipif_non_duplicate(ipif); 9599 (void) ipif_down_tail(ipif); 9600 ipif_free_tail(ipif); 9601 9602 return (0); 9603 } 9604 9605 /* 9606 * Set the local interface address using the given prefix and ill_token. 9607 */ 9608 /* ARGSUSED */ 9609 int 9610 ip_sioctl_prefix(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 9611 ip_ioctl_cmd_t *dummy_ipip, void *dummy_ifreq) 9612 { 9613 int err; 9614 in6_addr_t v6addr; 9615 sin6_t *sin6; 9616 ill_t *ill; 9617 int i; 9618 9619 ip1dbg(("ip_sioctl_prefix(%s:%u %p)\n", 9620 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 9621 9622 ASSERT(IAM_WRITER_IPIF(ipif)); 9623 9624 if (!ipif->ipif_isv6) 9625 return (EINVAL); 9626 9627 if (sin->sin_family != AF_INET6) 9628 return (EAFNOSUPPORT); 9629 9630 sin6 = (sin6_t *)sin; 9631 v6addr = sin6->sin6_addr; 9632 ill = ipif->ipif_ill; 9633 9634 if (IN6_IS_ADDR_UNSPECIFIED(&v6addr) || 9635 IN6_IS_ADDR_UNSPECIFIED(&ill->ill_token)) 9636 return (EADDRNOTAVAIL); 9637 9638 for (i = 0; i < 4; i++) 9639 sin6->sin6_addr.s6_addr32[i] |= ill->ill_token.s6_addr32[i]; 9640 9641 err = ip_sioctl_addr(ipif, sin, q, mp, 9642 &ip_ndx_ioctl_table[SIOCLIFADDR_NDX], dummy_ifreq); 9643 return (err); 9644 } 9645 9646 /* 9647 * Restart entry point to restart the address set operation after the 9648 * refcounts have dropped to zero. 9649 */ 9650 /* ARGSUSED */ 9651 int 9652 ip_sioctl_prefix_restart(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 9653 ip_ioctl_cmd_t *ipip, void *ifreq) 9654 { 9655 ip1dbg(("ip_sioctl_prefix_restart(%s:%u %p)\n", 9656 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 9657 return (ip_sioctl_addr_restart(ipif, sin, q, mp, ipip, ifreq)); 9658 } 9659 9660 /* 9661 * Set the local interface address. 9662 * Allow an address of all zero when the interface is down. 9663 */ 9664 /* ARGSUSED */ 9665 int 9666 ip_sioctl_addr(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 9667 ip_ioctl_cmd_t *dummy_ipip, void *dummy_ifreq) 9668 { 9669 int err = 0; 9670 in6_addr_t v6addr; 9671 boolean_t need_up = B_FALSE; 9672 ill_t *ill; 9673 int i; 9674 9675 ip1dbg(("ip_sioctl_addr(%s:%u %p)\n", 9676 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 9677 9678 ASSERT(IAM_WRITER_IPIF(ipif)); 9679 9680 ill = ipif->ipif_ill; 9681 if (ipif->ipif_isv6) { 9682 sin6_t *sin6; 9683 phyint_t *phyi; 9684 9685 if (sin->sin_family != AF_INET6) 9686 return (EAFNOSUPPORT); 9687 9688 sin6 = (sin6_t *)sin; 9689 v6addr = sin6->sin6_addr; 9690 phyi = ill->ill_phyint; 9691 9692 /* 9693 * Enforce that true multicast interfaces have a link-local 9694 * address for logical unit 0. 9695 * 9696 * However for those ipif's for which link-local address was 9697 * not created by default, also allow setting :: as the address. 9698 * This scenario would arise, when we delete an address on ipif 9699 * with logical unit 0, we would want to set :: as the address. 9700 */ 9701 if (ipif->ipif_id == 0 && 9702 (ill->ill_flags & ILLF_MULTICAST) && 9703 !(ipif->ipif_flags & (IPIF_POINTOPOINT)) && 9704 !(phyi->phyint_flags & (PHYI_LOOPBACK)) && 9705 !IN6_IS_ADDR_LINKLOCAL(&v6addr)) { 9706 9707 /* 9708 * if default link-local was not created by kernel for 9709 * this ill, allow setting :: as the address on ipif:0. 9710 */ 9711 if (ill->ill_flags & ILLF_NOLINKLOCAL) { 9712 if (!IN6_IS_ADDR_UNSPECIFIED(&v6addr)) 9713 return (EADDRNOTAVAIL); 9714 } else { 9715 return (EADDRNOTAVAIL); 9716 } 9717 } 9718 9719 /* 9720 * up interfaces shouldn't have the unspecified address 9721 * unless they also have the IPIF_NOLOCAL flags set and 9722 * have a subnet assigned. 9723 */ 9724 if ((ipif->ipif_flags & IPIF_UP) && 9725 IN6_IS_ADDR_UNSPECIFIED(&v6addr) && 9726 (!(ipif->ipif_flags & IPIF_NOLOCAL) || 9727 IN6_IS_ADDR_UNSPECIFIED(&ipif->ipif_v6subnet))) { 9728 return (EADDRNOTAVAIL); 9729 } 9730 9731 if (!ip_local_addr_ok_v6(&v6addr, &ipif->ipif_v6net_mask)) 9732 return (EADDRNOTAVAIL); 9733 } else { 9734 ipaddr_t addr; 9735 9736 if (sin->sin_family != AF_INET) 9737 return (EAFNOSUPPORT); 9738 9739 addr = sin->sin_addr.s_addr; 9740 9741 /* Allow INADDR_ANY as the local address. */ 9742 if (addr != INADDR_ANY && 9743 !ip_addr_ok_v4(addr, ipif->ipif_net_mask)) 9744 return (EADDRNOTAVAIL); 9745 9746 IN6_IPADDR_TO_V4MAPPED(addr, &v6addr); 9747 } 9748 /* 9749 * verify that the address being configured is permitted by the 9750 * ill_allowed_ips[] for the interface. 9751 */ 9752 if (ill->ill_allowed_ips_cnt > 0) { 9753 for (i = 0; i < ill->ill_allowed_ips_cnt; i++) { 9754 if (IN6_ARE_ADDR_EQUAL(&ill->ill_allowed_ips[i], 9755 &v6addr)) 9756 break; 9757 } 9758 if (i == ill->ill_allowed_ips_cnt) { 9759 pr_addr_dbg("!allowed addr %s\n", AF_INET6, &v6addr); 9760 return (EPERM); 9761 } 9762 } 9763 /* 9764 * Even if there is no change we redo things just to rerun 9765 * ipif_set_default. 9766 */ 9767 if (ipif->ipif_flags & IPIF_UP) { 9768 /* 9769 * Setting a new local address, make sure 9770 * we have net and subnet bcast ire's for 9771 * the old address if we need them. 9772 */ 9773 /* 9774 * If the interface is already marked up, 9775 * we call ipif_down which will take care 9776 * of ditching any IREs that have been set 9777 * up based on the old interface address. 9778 */ 9779 err = ipif_logical_down(ipif, q, mp); 9780 if (err == EINPROGRESS) 9781 return (err); 9782 (void) ipif_down_tail(ipif); 9783 need_up = 1; 9784 } 9785 9786 err = ip_sioctl_addr_tail(ipif, sin, q, mp, need_up); 9787 return (err); 9788 } 9789 9790 int 9791 ip_sioctl_addr_tail(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 9792 boolean_t need_up) 9793 { 9794 in6_addr_t v6addr; 9795 in6_addr_t ov6addr; 9796 ipaddr_t addr; 9797 sin6_t *sin6; 9798 int sinlen; 9799 int err = 0; 9800 ill_t *ill = ipif->ipif_ill; 9801 boolean_t need_dl_down; 9802 boolean_t need_arp_down; 9803 struct iocblk *iocp; 9804 9805 iocp = (mp != NULL) ? (struct iocblk *)mp->b_rptr : NULL; 9806 9807 ip1dbg(("ip_sioctl_addr_tail(%s:%u %p)\n", 9808 ill->ill_name, ipif->ipif_id, (void *)ipif)); 9809 ASSERT(IAM_WRITER_IPIF(ipif)); 9810 9811 /* Must cancel any pending timer before taking the ill_lock */ 9812 if (ipif->ipif_recovery_id != 0) 9813 (void) untimeout(ipif->ipif_recovery_id); 9814 ipif->ipif_recovery_id = 0; 9815 9816 if (ipif->ipif_isv6) { 9817 sin6 = (sin6_t *)sin; 9818 v6addr = sin6->sin6_addr; 9819 sinlen = sizeof (struct sockaddr_in6); 9820 } else { 9821 addr = sin->sin_addr.s_addr; 9822 IN6_IPADDR_TO_V4MAPPED(addr, &v6addr); 9823 sinlen = sizeof (struct sockaddr_in); 9824 } 9825 mutex_enter(&ill->ill_lock); 9826 ov6addr = ipif->ipif_v6lcl_addr; 9827 ipif->ipif_v6lcl_addr = v6addr; 9828 sctp_update_ipif_addr(ipif, ov6addr); 9829 ipif->ipif_addr_ready = 0; 9830 9831 ip_rts_newaddrmsg(RTM_CHGADDR, 0, ipif, RTSQ_DEFAULT); 9832 9833 /* 9834 * If the interface was previously marked as a duplicate, then since 9835 * we've now got a "new" address, it should no longer be considered a 9836 * duplicate -- even if the "new" address is the same as the old one. 9837 * Note that if all ipifs are down, we may have a pending ARP down 9838 * event to handle. This is because we want to recover from duplicates 9839 * and thus delay tearing down ARP until the duplicates have been 9840 * removed or disabled. 9841 */ 9842 need_dl_down = need_arp_down = B_FALSE; 9843 if (ipif->ipif_flags & IPIF_DUPLICATE) { 9844 need_arp_down = !need_up; 9845 ipif->ipif_flags &= ~IPIF_DUPLICATE; 9846 if (--ill->ill_ipif_dup_count == 0 && !need_up && 9847 ill->ill_ipif_up_count == 0 && ill->ill_dl_up) { 9848 need_dl_down = B_TRUE; 9849 } 9850 } 9851 9852 ipif_set_default(ipif); 9853 9854 /* 9855 * If we've just manually set the IPv6 link-local address (0th ipif), 9856 * tag the ill so that future updates to the interface ID don't result 9857 * in this address getting automatically reconfigured from under the 9858 * administrator. 9859 */ 9860 if (ipif->ipif_isv6 && ipif->ipif_id == 0) { 9861 if (iocp == NULL || (iocp->ioc_cmd == SIOCSLIFADDR && 9862 !IN6_IS_ADDR_UNSPECIFIED(&v6addr))) 9863 ill->ill_manual_linklocal = 1; 9864 } 9865 9866 /* 9867 * When publishing an interface address change event, we only notify 9868 * the event listeners of the new address. It is assumed that if they 9869 * actively care about the addresses assigned that they will have 9870 * already discovered the previous address assigned (if there was one.) 9871 * 9872 * Don't attach nic event message for SIOCLIFADDIF ioctl. 9873 */ 9874 if (iocp != NULL && iocp->ioc_cmd != SIOCLIFADDIF) { 9875 ill_nic_event_dispatch(ill, MAP_IPIF_ID(ipif->ipif_id), 9876 NE_ADDRESS_CHANGE, sin, sinlen); 9877 } 9878 9879 mutex_exit(&ill->ill_lock); 9880 9881 if (need_up) { 9882 /* 9883 * Now bring the interface back up. If this 9884 * is the only IPIF for the ILL, ipif_up 9885 * will have to re-bind to the device, so 9886 * we may get back EINPROGRESS, in which 9887 * case, this IOCTL will get completed in 9888 * ip_rput_dlpi when we see the DL_BIND_ACK. 9889 */ 9890 err = ipif_up(ipif, q, mp); 9891 } else { 9892 /* Perhaps ilgs should use this ill */ 9893 update_conn_ill(NULL, ill->ill_ipst); 9894 } 9895 9896 if (need_dl_down) 9897 ill_dl_down(ill); 9898 9899 if (need_arp_down && !ill->ill_isv6) 9900 (void) ipif_arp_down(ipif); 9901 9902 /* 9903 * The default multicast interface might have changed (for 9904 * instance if the IPv6 scope of the address changed) 9905 */ 9906 ire_increment_multicast_generation(ill->ill_ipst, ill->ill_isv6); 9907 9908 return (err); 9909 } 9910 9911 /* 9912 * Restart entry point to restart the address set operation after the 9913 * refcounts have dropped to zero. 9914 */ 9915 /* ARGSUSED */ 9916 int 9917 ip_sioctl_addr_restart(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 9918 ip_ioctl_cmd_t *ipip, void *ifreq) 9919 { 9920 ip1dbg(("ip_sioctl_addr_restart(%s:%u %p)\n", 9921 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 9922 ASSERT(IAM_WRITER_IPIF(ipif)); 9923 (void) ipif_down_tail(ipif); 9924 return (ip_sioctl_addr_tail(ipif, sin, q, mp, B_TRUE)); 9925 } 9926 9927 /* ARGSUSED */ 9928 int 9929 ip_sioctl_get_addr(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 9930 ip_ioctl_cmd_t *ipip, void *if_req) 9931 { 9932 sin6_t *sin6 = (struct sockaddr_in6 *)sin; 9933 struct lifreq *lifr = (struct lifreq *)if_req; 9934 9935 ip1dbg(("ip_sioctl_get_addr(%s:%u %p)\n", 9936 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 9937 /* 9938 * The net mask and address can't change since we have a 9939 * reference to the ipif. So no lock is necessary. 9940 */ 9941 if (ipif->ipif_isv6) { 9942 *sin6 = sin6_null; 9943 sin6->sin6_family = AF_INET6; 9944 sin6->sin6_addr = ipif->ipif_v6lcl_addr; 9945 ASSERT(ipip->ipi_cmd_type == LIF_CMD); 9946 lifr->lifr_addrlen = 9947 ip_mask_to_plen_v6(&ipif->ipif_v6net_mask); 9948 } else { 9949 *sin = sin_null; 9950 sin->sin_family = AF_INET; 9951 sin->sin_addr.s_addr = ipif->ipif_lcl_addr; 9952 if (ipip->ipi_cmd_type == LIF_CMD) { 9953 lifr->lifr_addrlen = 9954 ip_mask_to_plen(ipif->ipif_net_mask); 9955 } 9956 } 9957 return (0); 9958 } 9959 9960 /* 9961 * Set the destination address for a pt-pt interface. 9962 */ 9963 /* ARGSUSED */ 9964 int 9965 ip_sioctl_dstaddr(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 9966 ip_ioctl_cmd_t *ipip, void *if_req) 9967 { 9968 int err = 0; 9969 in6_addr_t v6addr; 9970 boolean_t need_up = B_FALSE; 9971 9972 ip1dbg(("ip_sioctl_dstaddr(%s:%u %p)\n", 9973 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 9974 ASSERT(IAM_WRITER_IPIF(ipif)); 9975 9976 if (ipif->ipif_isv6) { 9977 sin6_t *sin6; 9978 9979 if (sin->sin_family != AF_INET6) 9980 return (EAFNOSUPPORT); 9981 9982 sin6 = (sin6_t *)sin; 9983 v6addr = sin6->sin6_addr; 9984 9985 if (!ip_remote_addr_ok_v6(&v6addr, &ipif->ipif_v6net_mask)) 9986 return (EADDRNOTAVAIL); 9987 } else { 9988 ipaddr_t addr; 9989 9990 if (sin->sin_family != AF_INET) 9991 return (EAFNOSUPPORT); 9992 9993 addr = sin->sin_addr.s_addr; 9994 if (addr != INADDR_ANY && 9995 !ip_addr_ok_v4(addr, ipif->ipif_net_mask)) { 9996 return (EADDRNOTAVAIL); 9997 } 9998 9999 IN6_IPADDR_TO_V4MAPPED(addr, &v6addr); 10000 } 10001 10002 if (IN6_ARE_ADDR_EQUAL(&ipif->ipif_v6pp_dst_addr, &v6addr)) 10003 return (0); /* No change */ 10004 10005 if (ipif->ipif_flags & IPIF_UP) { 10006 /* 10007 * If the interface is already marked up, 10008 * we call ipif_down which will take care 10009 * of ditching any IREs that have been set 10010 * up based on the old pp dst address. 10011 */ 10012 err = ipif_logical_down(ipif, q, mp); 10013 if (err == EINPROGRESS) 10014 return (err); 10015 (void) ipif_down_tail(ipif); 10016 need_up = B_TRUE; 10017 } 10018 /* 10019 * could return EINPROGRESS. If so ioctl will complete in 10020 * ip_rput_dlpi_writer 10021 */ 10022 err = ip_sioctl_dstaddr_tail(ipif, sin, q, mp, need_up); 10023 return (err); 10024 } 10025 10026 static int 10027 ip_sioctl_dstaddr_tail(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 10028 boolean_t need_up) 10029 { 10030 in6_addr_t v6addr; 10031 ill_t *ill = ipif->ipif_ill; 10032 int err = 0; 10033 boolean_t need_dl_down; 10034 boolean_t need_arp_down; 10035 10036 ip1dbg(("ip_sioctl_dstaddr_tail(%s:%u %p)\n", ill->ill_name, 10037 ipif->ipif_id, (void *)ipif)); 10038 10039 /* Must cancel any pending timer before taking the ill_lock */ 10040 if (ipif->ipif_recovery_id != 0) 10041 (void) untimeout(ipif->ipif_recovery_id); 10042 ipif->ipif_recovery_id = 0; 10043 10044 if (ipif->ipif_isv6) { 10045 sin6_t *sin6; 10046 10047 sin6 = (sin6_t *)sin; 10048 v6addr = sin6->sin6_addr; 10049 } else { 10050 ipaddr_t addr; 10051 10052 addr = sin->sin_addr.s_addr; 10053 IN6_IPADDR_TO_V4MAPPED(addr, &v6addr); 10054 } 10055 mutex_enter(&ill->ill_lock); 10056 /* Set point to point destination address. */ 10057 if ((ipif->ipif_flags & IPIF_POINTOPOINT) == 0) { 10058 /* 10059 * Allow this as a means of creating logical 10060 * pt-pt interfaces on top of e.g. an Ethernet. 10061 * XXX Undocumented HACK for testing. 10062 * pt-pt interfaces are created with NUD disabled. 10063 */ 10064 ipif->ipif_flags |= IPIF_POINTOPOINT; 10065 ipif->ipif_flags &= ~IPIF_BROADCAST; 10066 if (ipif->ipif_isv6) 10067 ill->ill_flags |= ILLF_NONUD; 10068 } 10069 10070 /* 10071 * If the interface was previously marked as a duplicate, then since 10072 * we've now got a "new" address, it should no longer be considered a 10073 * duplicate -- even if the "new" address is the same as the old one. 10074 * Note that if all ipifs are down, we may have a pending ARP down 10075 * event to handle. 10076 */ 10077 need_dl_down = need_arp_down = B_FALSE; 10078 if (ipif->ipif_flags & IPIF_DUPLICATE) { 10079 need_arp_down = !need_up; 10080 ipif->ipif_flags &= ~IPIF_DUPLICATE; 10081 if (--ill->ill_ipif_dup_count == 0 && !need_up && 10082 ill->ill_ipif_up_count == 0 && ill->ill_dl_up) { 10083 need_dl_down = B_TRUE; 10084 } 10085 } 10086 10087 /* 10088 * If we've just manually set the IPv6 destination link-local address 10089 * (0th ipif), tag the ill so that future updates to the destination 10090 * interface ID (as can happen with interfaces over IP tunnels) don't 10091 * result in this address getting automatically reconfigured from 10092 * under the administrator. 10093 */ 10094 if (ipif->ipif_isv6 && ipif->ipif_id == 0) 10095 ill->ill_manual_dst_linklocal = 1; 10096 10097 /* Set the new address. */ 10098 ipif->ipif_v6pp_dst_addr = v6addr; 10099 /* Make sure subnet tracks pp_dst */ 10100 ipif->ipif_v6subnet = ipif->ipif_v6pp_dst_addr; 10101 mutex_exit(&ill->ill_lock); 10102 10103 if (need_up) { 10104 /* 10105 * Now bring the interface back up. If this 10106 * is the only IPIF for the ILL, ipif_up 10107 * will have to re-bind to the device, so 10108 * we may get back EINPROGRESS, in which 10109 * case, this IOCTL will get completed in 10110 * ip_rput_dlpi when we see the DL_BIND_ACK. 10111 */ 10112 err = ipif_up(ipif, q, mp); 10113 } 10114 10115 if (need_dl_down) 10116 ill_dl_down(ill); 10117 if (need_arp_down && !ipif->ipif_isv6) 10118 (void) ipif_arp_down(ipif); 10119 10120 return (err); 10121 } 10122 10123 /* 10124 * Restart entry point to restart the dstaddress set operation after the 10125 * refcounts have dropped to zero. 10126 */ 10127 /* ARGSUSED */ 10128 int 10129 ip_sioctl_dstaddr_restart(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 10130 ip_ioctl_cmd_t *ipip, void *ifreq) 10131 { 10132 ip1dbg(("ip_sioctl_dstaddr_restart(%s:%u %p)\n", 10133 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 10134 (void) ipif_down_tail(ipif); 10135 return (ip_sioctl_dstaddr_tail(ipif, sin, q, mp, B_TRUE)); 10136 } 10137 10138 /* ARGSUSED */ 10139 int 10140 ip_sioctl_get_dstaddr(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 10141 ip_ioctl_cmd_t *ipip, void *if_req) 10142 { 10143 sin6_t *sin6 = (struct sockaddr_in6 *)sin; 10144 10145 ip1dbg(("ip_sioctl_get_dstaddr(%s:%u %p)\n", 10146 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 10147 /* 10148 * Get point to point destination address. The addresses can't 10149 * change since we hold a reference to the ipif. 10150 */ 10151 if ((ipif->ipif_flags & IPIF_POINTOPOINT) == 0) 10152 return (EADDRNOTAVAIL); 10153 10154 if (ipif->ipif_isv6) { 10155 ASSERT(ipip->ipi_cmd_type == LIF_CMD); 10156 *sin6 = sin6_null; 10157 sin6->sin6_family = AF_INET6; 10158 sin6->sin6_addr = ipif->ipif_v6pp_dst_addr; 10159 } else { 10160 *sin = sin_null; 10161 sin->sin_family = AF_INET; 10162 sin->sin_addr.s_addr = ipif->ipif_pp_dst_addr; 10163 } 10164 return (0); 10165 } 10166 10167 /* 10168 * Check which flags will change by the given flags being set 10169 * silently ignore flags which userland is not allowed to control. 10170 * (Because these flags may change between SIOCGLIFFLAGS and 10171 * SIOCSLIFFLAGS, and that's outside of userland's control, 10172 * we need to silently ignore them rather than fail.) 10173 */ 10174 static void 10175 ip_sioctl_flags_onoff(ipif_t *ipif, uint64_t flags, uint64_t *onp, 10176 uint64_t *offp) 10177 { 10178 ill_t *ill = ipif->ipif_ill; 10179 phyint_t *phyi = ill->ill_phyint; 10180 uint64_t cantchange_flags, intf_flags; 10181 uint64_t turn_on, turn_off; 10182 10183 intf_flags = ipif->ipif_flags | ill->ill_flags | phyi->phyint_flags; 10184 cantchange_flags = IFF_CANTCHANGE; 10185 if (IS_IPMP(ill)) 10186 cantchange_flags |= IFF_IPMP_CANTCHANGE; 10187 turn_on = (flags ^ intf_flags) & ~cantchange_flags; 10188 turn_off = intf_flags & turn_on; 10189 turn_on ^= turn_off; 10190 *onp = turn_on; 10191 *offp = turn_off; 10192 } 10193 10194 /* 10195 * Set interface flags. Many flags require special handling (e.g., 10196 * bringing the interface down); see below for details. 10197 * 10198 * NOTE : We really don't enforce that ipif_id zero should be used 10199 * for setting any flags other than IFF_LOGINT_FLAGS. This 10200 * is because applications generally does SICGLIFFLAGS and 10201 * ORs in the new flags (that affects the logical) and does a 10202 * SIOCSLIFFLAGS. Thus, "flags" below could contain bits other 10203 * than IFF_LOGINT_FLAGS. One could check whether "turn_on" - the 10204 * flags that will be turned on is correct with respect to 10205 * ipif_id 0. For backward compatibility reasons, it is not done. 10206 */ 10207 /* ARGSUSED */ 10208 int 10209 ip_sioctl_flags(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 10210 ip_ioctl_cmd_t *ipip, void *if_req) 10211 { 10212 uint64_t turn_on; 10213 uint64_t turn_off; 10214 int err = 0; 10215 phyint_t *phyi; 10216 ill_t *ill; 10217 conn_t *connp; 10218 uint64_t intf_flags; 10219 boolean_t phyint_flags_modified = B_FALSE; 10220 uint64_t flags; 10221 struct ifreq *ifr; 10222 struct lifreq *lifr; 10223 boolean_t set_linklocal = B_FALSE; 10224 10225 ip1dbg(("ip_sioctl_flags(%s:%u %p)\n", 10226 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 10227 10228 ASSERT(IAM_WRITER_IPIF(ipif)); 10229 10230 ill = ipif->ipif_ill; 10231 phyi = ill->ill_phyint; 10232 10233 if (ipip->ipi_cmd_type == IF_CMD) { 10234 ifr = (struct ifreq *)if_req; 10235 flags = (uint64_t)(ifr->ifr_flags & 0x0000ffff); 10236 } else { 10237 lifr = (struct lifreq *)if_req; 10238 flags = lifr->lifr_flags; 10239 } 10240 10241 intf_flags = ipif->ipif_flags | ill->ill_flags | phyi->phyint_flags; 10242 10243 /* 10244 * Have the flags been set correctly until now? 10245 */ 10246 ASSERT((phyi->phyint_flags & ~(IFF_PHYINT_FLAGS)) == 0); 10247 ASSERT((ill->ill_flags & ~(IFF_PHYINTINST_FLAGS)) == 0); 10248 ASSERT((ipif->ipif_flags & ~(IFF_LOGINT_FLAGS)) == 0); 10249 /* 10250 * Compare the new flags to the old, and partition 10251 * into those coming on and those going off. 10252 * For the 16 bit command keep the bits above bit 16 unchanged. 10253 */ 10254 if (ipip->ipi_cmd == SIOCSIFFLAGS) 10255 flags |= intf_flags & ~0xFFFF; 10256 10257 /* 10258 * Explicitly fail attempts to change flags that are always invalid on 10259 * an IPMP meta-interface. 10260 */ 10261 if (IS_IPMP(ill) && ((flags ^ intf_flags) & IFF_IPMP_INVALID)) 10262 return (EINVAL); 10263 10264 ip_sioctl_flags_onoff(ipif, flags, &turn_on, &turn_off); 10265 if ((turn_on|turn_off) == 0) 10266 return (0); /* No change */ 10267 10268 /* 10269 * All test addresses must be IFF_DEPRECATED (to ensure source address 10270 * selection avoids them) -- so force IFF_DEPRECATED on, and do not 10271 * allow it to be turned off. 10272 */ 10273 if ((turn_off & (IFF_DEPRECATED|IFF_NOFAILOVER)) == IFF_DEPRECATED && 10274 (turn_on|intf_flags) & IFF_NOFAILOVER) 10275 return (EINVAL); 10276 10277 if ((connp = Q_TO_CONN(q)) == NULL) 10278 return (EINVAL); 10279 10280 /* 10281 * Only vrrp control socket is allowed to change IFF_UP and 10282 * IFF_NOACCEPT flags when IFF_VRRP is set. 10283 */ 10284 if ((intf_flags & IFF_VRRP) && ((turn_off | turn_on) & IFF_UP)) { 10285 if (!connp->conn_isvrrp) 10286 return (EINVAL); 10287 } 10288 10289 /* 10290 * The IFF_NOACCEPT flag can only be set on an IFF_VRRP IP address by 10291 * VRRP control socket. 10292 */ 10293 if ((turn_off | turn_on) & IFF_NOACCEPT) { 10294 if (!connp->conn_isvrrp || !(intf_flags & IFF_VRRP)) 10295 return (EINVAL); 10296 } 10297 10298 if (turn_on & IFF_NOFAILOVER) { 10299 turn_on |= IFF_DEPRECATED; 10300 flags |= IFF_DEPRECATED; 10301 } 10302 10303 /* 10304 * On underlying interfaces, only allow applications to manage test 10305 * addresses -- otherwise, they may get confused when the address 10306 * moves as part of being brought up. Likewise, prevent an 10307 * application-managed test address from being converted to a data 10308 * address. To prevent migration of administratively up addresses in 10309 * the kernel, we don't allow them to be converted either. 10310 */ 10311 if (IS_UNDER_IPMP(ill)) { 10312 const uint64_t appflags = IFF_DHCPRUNNING | IFF_ADDRCONF; 10313 10314 if ((turn_on & appflags) && !(flags & IFF_NOFAILOVER)) 10315 return (EINVAL); 10316 10317 if ((turn_off & IFF_NOFAILOVER) && 10318 (flags & (appflags | IFF_UP | IFF_DUPLICATE))) 10319 return (EINVAL); 10320 } 10321 10322 /* 10323 * Only allow IFF_TEMPORARY flag to be set on 10324 * IPv6 interfaces. 10325 */ 10326 if ((turn_on & IFF_TEMPORARY) && !(ipif->ipif_isv6)) 10327 return (EINVAL); 10328 10329 /* 10330 * cannot turn off IFF_NOXMIT on VNI interfaces. 10331 */ 10332 if ((turn_off & IFF_NOXMIT) && IS_VNI(ipif->ipif_ill)) 10333 return (EINVAL); 10334 10335 /* 10336 * Don't allow the IFF_ROUTER flag to be turned on on loopback 10337 * interfaces. It makes no sense in that context. 10338 */ 10339 if ((turn_on & IFF_ROUTER) && (phyi->phyint_flags & PHYI_LOOPBACK)) 10340 return (EINVAL); 10341 10342 /* 10343 * For IPv6 ipif_id 0, don't allow the interface to be up without 10344 * a link local address if IFF_NOLOCAL or IFF_ANYCAST are not set. 10345 * If the link local address isn't set, and can be set, it will get 10346 * set later on in this function. 10347 */ 10348 if (ipif->ipif_id == 0 && ipif->ipif_isv6 && 10349 (flags & IFF_UP) && !(flags & (IFF_NOLOCAL|IFF_ANYCAST)) && 10350 IN6_IS_ADDR_UNSPECIFIED(&ipif->ipif_v6lcl_addr)) { 10351 if (ipif_cant_setlinklocal(ipif)) 10352 return (EINVAL); 10353 set_linklocal = B_TRUE; 10354 } 10355 10356 /* 10357 * If we modify physical interface flags, we'll potentially need to 10358 * send up two routing socket messages for the changes (one for the 10359 * IPv4 ill, and another for the IPv6 ill). Note that here. 10360 */ 10361 if ((turn_on|turn_off) & IFF_PHYINT_FLAGS) 10362 phyint_flags_modified = B_TRUE; 10363 10364 /* 10365 * All functioning PHYI_STANDBY interfaces start life PHYI_INACTIVE 10366 * (otherwise, we'd immediately use them, defeating standby). Also, 10367 * since PHYI_INACTIVE has a separate meaning when PHYI_STANDBY is not 10368 * set, don't allow PHYI_STANDBY to be set if PHYI_INACTIVE is already 10369 * set, and clear PHYI_INACTIVE if PHYI_STANDBY is being cleared. We 10370 * also don't allow PHYI_STANDBY if VNI is enabled since its semantics 10371 * will not be honored. 10372 */ 10373 if (turn_on & PHYI_STANDBY) { 10374 /* 10375 * No need to grab ill_g_usesrc_lock here; see the 10376 * synchronization notes in ip.c. 10377 */ 10378 if (ill->ill_usesrc_grp_next != NULL || 10379 intf_flags & PHYI_INACTIVE) 10380 return (EINVAL); 10381 if (!(flags & PHYI_FAILED)) { 10382 flags |= PHYI_INACTIVE; 10383 turn_on |= PHYI_INACTIVE; 10384 } 10385 } 10386 10387 if (turn_off & PHYI_STANDBY) { 10388 flags &= ~PHYI_INACTIVE; 10389 turn_off |= PHYI_INACTIVE; 10390 } 10391 10392 /* 10393 * PHYI_FAILED and PHYI_INACTIVE are mutually exclusive; fail if both 10394 * would end up on. 10395 */ 10396 if ((flags & (PHYI_FAILED | PHYI_INACTIVE)) == 10397 (PHYI_FAILED | PHYI_INACTIVE)) 10398 return (EINVAL); 10399 10400 /* 10401 * If ILLF_ROUTER changes, we need to change the ip forwarding 10402 * status of the interface. 10403 */ 10404 if ((turn_on | turn_off) & ILLF_ROUTER) { 10405 err = ill_forward_set(ill, ((turn_on & ILLF_ROUTER) != 0)); 10406 if (err != 0) 10407 return (err); 10408 } 10409 10410 /* 10411 * If the interface is not UP and we are not going to 10412 * bring it UP, record the flags and return. When the 10413 * interface comes UP later, the right actions will be 10414 * taken. 10415 */ 10416 if (!(ipif->ipif_flags & IPIF_UP) && 10417 !(turn_on & IPIF_UP)) { 10418 /* Record new flags in their respective places. */ 10419 mutex_enter(&ill->ill_lock); 10420 mutex_enter(&ill->ill_phyint->phyint_lock); 10421 ipif->ipif_flags |= (turn_on & IFF_LOGINT_FLAGS); 10422 ipif->ipif_flags &= (~turn_off & IFF_LOGINT_FLAGS); 10423 ill->ill_flags |= (turn_on & IFF_PHYINTINST_FLAGS); 10424 ill->ill_flags &= (~turn_off & IFF_PHYINTINST_FLAGS); 10425 phyi->phyint_flags |= (turn_on & IFF_PHYINT_FLAGS); 10426 phyi->phyint_flags &= (~turn_off & IFF_PHYINT_FLAGS); 10427 mutex_exit(&ill->ill_lock); 10428 mutex_exit(&ill->ill_phyint->phyint_lock); 10429 10430 /* 10431 * PHYI_FAILED, PHYI_INACTIVE, and PHYI_OFFLINE are all the 10432 * same to the kernel: if any of them has been set by 10433 * userland, the interface cannot be used for data traffic. 10434 */ 10435 if ((turn_on|turn_off) & 10436 (PHYI_FAILED | PHYI_INACTIVE | PHYI_OFFLINE)) { 10437 ASSERT(!IS_IPMP(ill)); 10438 /* 10439 * It's possible the ill is part of an "anonymous" 10440 * IPMP group rather than a real group. In that case, 10441 * there are no other interfaces in the group and thus 10442 * no need to call ipmp_phyint_refresh_active(). 10443 */ 10444 if (IS_UNDER_IPMP(ill)) 10445 ipmp_phyint_refresh_active(phyi); 10446 } 10447 10448 if (phyint_flags_modified) { 10449 if (phyi->phyint_illv4 != NULL) { 10450 ip_rts_ifmsg(phyi->phyint_illv4-> 10451 ill_ipif, RTSQ_DEFAULT); 10452 } 10453 if (phyi->phyint_illv6 != NULL) { 10454 ip_rts_ifmsg(phyi->phyint_illv6-> 10455 ill_ipif, RTSQ_DEFAULT); 10456 } 10457 } 10458 /* The default multicast interface might have changed */ 10459 ire_increment_multicast_generation(ill->ill_ipst, 10460 ill->ill_isv6); 10461 10462 return (0); 10463 } else if (set_linklocal) { 10464 mutex_enter(&ill->ill_lock); 10465 if (set_linklocal) 10466 ipif->ipif_state_flags |= IPIF_SET_LINKLOCAL; 10467 mutex_exit(&ill->ill_lock); 10468 } 10469 10470 /* 10471 * Disallow IPv6 interfaces coming up that have the unspecified address, 10472 * or point-to-point interfaces with an unspecified destination. We do 10473 * allow the address to be unspecified for IPIF_NOLOCAL interfaces that 10474 * have a subnet assigned, which is how in.ndpd currently manages its 10475 * onlink prefix list when no addresses are configured with those 10476 * prefixes. 10477 */ 10478 if (ipif->ipif_isv6 && 10479 ((IN6_IS_ADDR_UNSPECIFIED(&ipif->ipif_v6lcl_addr) && 10480 (!(ipif->ipif_flags & IPIF_NOLOCAL) && !(turn_on & IPIF_NOLOCAL) || 10481 IN6_IS_ADDR_UNSPECIFIED(&ipif->ipif_v6subnet))) || 10482 ((ipif->ipif_flags & IPIF_POINTOPOINT) && 10483 IN6_IS_ADDR_UNSPECIFIED(&ipif->ipif_v6pp_dst_addr)))) { 10484 return (EINVAL); 10485 } 10486 10487 /* 10488 * Prevent IPv4 point-to-point interfaces with a 0.0.0.0 destination 10489 * from being brought up. 10490 */ 10491 if (!ipif->ipif_isv6 && 10492 ((ipif->ipif_flags & IPIF_POINTOPOINT) && 10493 ipif->ipif_pp_dst_addr == INADDR_ANY)) { 10494 return (EINVAL); 10495 } 10496 10497 /* 10498 * If we are going to change one or more of the flags that are 10499 * IPIF_UP, IPIF_DEPRECATED, IPIF_NOXMIT, IPIF_NOLOCAL, ILLF_NOARP, 10500 * ILLF_NONUD, IPIF_PRIVATE, IPIF_ANYCAST, IPIF_PREFERRED, and 10501 * IPIF_NOFAILOVER, we will take special action. This is 10502 * done by bring the ipif down, changing the flags and bringing 10503 * it back up again. For IPIF_NOFAILOVER, the act of bringing it 10504 * back up will trigger the address to be moved. 10505 * 10506 * If we are going to change IFF_NOACCEPT, we need to bring 10507 * all the ipifs down then bring them up again. The act of 10508 * bringing all the ipifs back up will trigger the local 10509 * ires being recreated with "no_accept" set/cleared. 10510 * 10511 * Note that ILLF_NOACCEPT is always set separately from the 10512 * other flags. 10513 */ 10514 if ((turn_on|turn_off) & 10515 (IPIF_UP|IPIF_DEPRECATED|IPIF_NOXMIT|IPIF_NOLOCAL|ILLF_NOARP| 10516 ILLF_NONUD|IPIF_PRIVATE|IPIF_ANYCAST|IPIF_PREFERRED| 10517 IPIF_NOFAILOVER)) { 10518 /* 10519 * ipif_down() will ire_delete bcast ire's for the subnet, 10520 * while the ire_identical_ref tracks the case of IRE_BROADCAST 10521 * entries shared between multiple ipifs on the same subnet. 10522 */ 10523 if (((ipif->ipif_flags | turn_on) & IPIF_UP) && 10524 !(turn_off & IPIF_UP)) { 10525 if (ipif->ipif_flags & IPIF_UP) 10526 ill->ill_logical_down = 1; 10527 turn_on &= ~IPIF_UP; 10528 } 10529 err = ipif_down(ipif, q, mp); 10530 ip1dbg(("ipif_down returns %d err ", err)); 10531 if (err == EINPROGRESS) 10532 return (err); 10533 (void) ipif_down_tail(ipif); 10534 } else if ((turn_on|turn_off) & ILLF_NOACCEPT) { 10535 /* 10536 * If we can quiesce the ill, then continue. If not, then 10537 * ip_sioctl_flags_tail() will be called from 10538 * ipif_ill_refrele_tail(). 10539 */ 10540 ill_down_ipifs(ill, B_TRUE); 10541 10542 mutex_enter(&connp->conn_lock); 10543 mutex_enter(&ill->ill_lock); 10544 if (!ill_is_quiescent(ill)) { 10545 boolean_t success; 10546 10547 success = ipsq_pending_mp_add(connp, ill->ill_ipif, 10548 q, mp, ILL_DOWN); 10549 mutex_exit(&ill->ill_lock); 10550 mutex_exit(&connp->conn_lock); 10551 return (success ? EINPROGRESS : EINTR); 10552 } 10553 mutex_exit(&ill->ill_lock); 10554 mutex_exit(&connp->conn_lock); 10555 } 10556 return (ip_sioctl_flags_tail(ipif, flags, q, mp)); 10557 } 10558 10559 static int 10560 ip_sioctl_flags_tail(ipif_t *ipif, uint64_t flags, queue_t *q, mblk_t *mp) 10561 { 10562 ill_t *ill; 10563 phyint_t *phyi; 10564 uint64_t turn_on, turn_off; 10565 boolean_t phyint_flags_modified = B_FALSE; 10566 int err = 0; 10567 boolean_t set_linklocal = B_FALSE; 10568 10569 ip1dbg(("ip_sioctl_flags_tail(%s:%u)\n", 10570 ipif->ipif_ill->ill_name, ipif->ipif_id)); 10571 10572 ASSERT(IAM_WRITER_IPIF(ipif)); 10573 10574 ill = ipif->ipif_ill; 10575 phyi = ill->ill_phyint; 10576 10577 ip_sioctl_flags_onoff(ipif, flags, &turn_on, &turn_off); 10578 10579 /* 10580 * IFF_UP is handled separately. 10581 */ 10582 turn_on &= ~IFF_UP; 10583 turn_off &= ~IFF_UP; 10584 10585 if ((turn_on|turn_off) & IFF_PHYINT_FLAGS) 10586 phyint_flags_modified = B_TRUE; 10587 10588 /* 10589 * Now we change the flags. Track current value of 10590 * other flags in their respective places. 10591 */ 10592 mutex_enter(&ill->ill_lock); 10593 mutex_enter(&phyi->phyint_lock); 10594 ipif->ipif_flags |= (turn_on & IFF_LOGINT_FLAGS); 10595 ipif->ipif_flags &= (~turn_off & IFF_LOGINT_FLAGS); 10596 ill->ill_flags |= (turn_on & IFF_PHYINTINST_FLAGS); 10597 ill->ill_flags &= (~turn_off & IFF_PHYINTINST_FLAGS); 10598 phyi->phyint_flags |= (turn_on & IFF_PHYINT_FLAGS); 10599 phyi->phyint_flags &= (~turn_off & IFF_PHYINT_FLAGS); 10600 if (ipif->ipif_state_flags & IPIF_SET_LINKLOCAL) { 10601 set_linklocal = B_TRUE; 10602 ipif->ipif_state_flags &= ~IPIF_SET_LINKLOCAL; 10603 } 10604 10605 mutex_exit(&ill->ill_lock); 10606 mutex_exit(&phyi->phyint_lock); 10607 10608 if (set_linklocal) 10609 (void) ipif_setlinklocal(ipif); 10610 10611 /* 10612 * PHYI_FAILED, PHYI_INACTIVE, and PHYI_OFFLINE are all the same to 10613 * the kernel: if any of them has been set by userland, the interface 10614 * cannot be used for data traffic. 10615 */ 10616 if ((turn_on|turn_off) & (PHYI_FAILED | PHYI_INACTIVE | PHYI_OFFLINE)) { 10617 ASSERT(!IS_IPMP(ill)); 10618 /* 10619 * It's possible the ill is part of an "anonymous" IPMP group 10620 * rather than a real group. In that case, there are no other 10621 * interfaces in the group and thus no need for us to call 10622 * ipmp_phyint_refresh_active(). 10623 */ 10624 if (IS_UNDER_IPMP(ill)) 10625 ipmp_phyint_refresh_active(phyi); 10626 } 10627 10628 if ((turn_on|turn_off) & ILLF_NOACCEPT) { 10629 /* 10630 * If the ILLF_NOACCEPT flag is changed, bring up all the 10631 * ipifs that were brought down. 10632 * 10633 * The routing sockets messages are sent as the result 10634 * of ill_up_ipifs(), further, SCTP's IPIF list was updated 10635 * as well. 10636 */ 10637 err = ill_up_ipifs(ill, q, mp); 10638 } else if ((flags & IFF_UP) && !(ipif->ipif_flags & IPIF_UP)) { 10639 /* 10640 * XXX ipif_up really does not know whether a phyint flags 10641 * was modified or not. So, it sends up information on 10642 * only one routing sockets message. As we don't bring up 10643 * the interface and also set PHYI_ flags simultaneously 10644 * it should be okay. 10645 */ 10646 err = ipif_up(ipif, q, mp); 10647 } else { 10648 /* 10649 * Make sure routing socket sees all changes to the flags. 10650 * ipif_up_done* handles this when we use ipif_up. 10651 */ 10652 if (phyint_flags_modified) { 10653 if (phyi->phyint_illv4 != NULL) { 10654 ip_rts_ifmsg(phyi->phyint_illv4-> 10655 ill_ipif, RTSQ_DEFAULT); 10656 } 10657 if (phyi->phyint_illv6 != NULL) { 10658 ip_rts_ifmsg(phyi->phyint_illv6-> 10659 ill_ipif, RTSQ_DEFAULT); 10660 } 10661 } else { 10662 ip_rts_ifmsg(ipif, RTSQ_DEFAULT); 10663 } 10664 /* 10665 * Update the flags in SCTP's IPIF list, ipif_up() will do 10666 * this in need_up case. 10667 */ 10668 sctp_update_ipif(ipif, SCTP_IPIF_UPDATE); 10669 } 10670 10671 /* The default multicast interface might have changed */ 10672 ire_increment_multicast_generation(ill->ill_ipst, ill->ill_isv6); 10673 return (err); 10674 } 10675 10676 /* 10677 * Restart the flags operation now that the refcounts have dropped to zero. 10678 */ 10679 /* ARGSUSED */ 10680 int 10681 ip_sioctl_flags_restart(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 10682 ip_ioctl_cmd_t *ipip, void *if_req) 10683 { 10684 uint64_t flags; 10685 struct ifreq *ifr = if_req; 10686 struct lifreq *lifr = if_req; 10687 uint64_t turn_on, turn_off; 10688 10689 ip1dbg(("ip_sioctl_flags_restart(%s:%u %p)\n", 10690 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 10691 10692 if (ipip->ipi_cmd_type == IF_CMD) { 10693 /* cast to uint16_t prevents unwanted sign extension */ 10694 flags = (uint16_t)ifr->ifr_flags; 10695 } else { 10696 flags = lifr->lifr_flags; 10697 } 10698 10699 /* 10700 * If this function call is a result of the ILLF_NOACCEPT flag 10701 * change, do not call ipif_down_tail(). See ip_sioctl_flags(). 10702 */ 10703 ip_sioctl_flags_onoff(ipif, flags, &turn_on, &turn_off); 10704 if (!((turn_on|turn_off) & ILLF_NOACCEPT)) 10705 (void) ipif_down_tail(ipif); 10706 10707 return (ip_sioctl_flags_tail(ipif, flags, q, mp)); 10708 } 10709 10710 /* 10711 * Can operate on either a module or a driver queue. 10712 */ 10713 /* ARGSUSED */ 10714 int 10715 ip_sioctl_get_flags(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 10716 ip_ioctl_cmd_t *ipip, void *if_req) 10717 { 10718 /* 10719 * Has the flags been set correctly till now ? 10720 */ 10721 ill_t *ill = ipif->ipif_ill; 10722 phyint_t *phyi = ill->ill_phyint; 10723 10724 ip1dbg(("ip_sioctl_get_flags(%s:%u %p)\n", 10725 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 10726 ASSERT((phyi->phyint_flags & ~(IFF_PHYINT_FLAGS)) == 0); 10727 ASSERT((ill->ill_flags & ~(IFF_PHYINTINST_FLAGS)) == 0); 10728 ASSERT((ipif->ipif_flags & ~(IFF_LOGINT_FLAGS)) == 0); 10729 10730 /* 10731 * Need a lock since some flags can be set even when there are 10732 * references to the ipif. 10733 */ 10734 mutex_enter(&ill->ill_lock); 10735 if (ipip->ipi_cmd_type == IF_CMD) { 10736 struct ifreq *ifr = (struct ifreq *)if_req; 10737 10738 /* Get interface flags (low 16 only). */ 10739 ifr->ifr_flags = ((ipif->ipif_flags | 10740 ill->ill_flags | phyi->phyint_flags) & 0xffff); 10741 } else { 10742 struct lifreq *lifr = (struct lifreq *)if_req; 10743 10744 /* Get interface flags. */ 10745 lifr->lifr_flags = ipif->ipif_flags | 10746 ill->ill_flags | phyi->phyint_flags; 10747 } 10748 mutex_exit(&ill->ill_lock); 10749 return (0); 10750 } 10751 10752 /* 10753 * We allow the MTU to be set on an ILL, but not have it be different 10754 * for different IPIFs since we don't actually send packets on IPIFs. 10755 */ 10756 /* ARGSUSED */ 10757 int 10758 ip_sioctl_mtu(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 10759 ip_ioctl_cmd_t *ipip, void *if_req) 10760 { 10761 int mtu; 10762 int ip_min_mtu; 10763 struct ifreq *ifr; 10764 struct lifreq *lifr; 10765 ill_t *ill; 10766 10767 ip1dbg(("ip_sioctl_mtu(%s:%u %p)\n", ipif->ipif_ill->ill_name, 10768 ipif->ipif_id, (void *)ipif)); 10769 if (ipip->ipi_cmd_type == IF_CMD) { 10770 ifr = (struct ifreq *)if_req; 10771 mtu = ifr->ifr_metric; 10772 } else { 10773 lifr = (struct lifreq *)if_req; 10774 mtu = lifr->lifr_mtu; 10775 } 10776 /* Only allow for logical unit zero i.e. not on "bge0:17" */ 10777 if (ipif->ipif_id != 0) 10778 return (EINVAL); 10779 10780 ill = ipif->ipif_ill; 10781 if (ipif->ipif_isv6) 10782 ip_min_mtu = IPV6_MIN_MTU; 10783 else 10784 ip_min_mtu = IP_MIN_MTU; 10785 10786 mutex_enter(&ill->ill_lock); 10787 if (mtu > ill->ill_max_frag || mtu < ip_min_mtu) { 10788 mutex_exit(&ill->ill_lock); 10789 return (EINVAL); 10790 } 10791 /* 10792 * The dce and fragmentation code can handle changes to ill_mtu 10793 * concurrent with sending/fragmenting packets. 10794 */ 10795 ill->ill_mtu = mtu; 10796 ill->ill_flags |= ILLF_FIXEDMTU; 10797 mutex_exit(&ill->ill_lock); 10798 10799 /* 10800 * Make sure all dce_generation checks find out 10801 * that ill_mtu has changed. 10802 */ 10803 dce_increment_all_generations(ill->ill_isv6, ill->ill_ipst); 10804 10805 /* 10806 * Refresh IPMP meta-interface MTU if necessary. 10807 */ 10808 if (IS_UNDER_IPMP(ill)) 10809 ipmp_illgrp_refresh_mtu(ill->ill_grp); 10810 10811 /* Update the MTU in SCTP's list */ 10812 sctp_update_ipif(ipif, SCTP_IPIF_UPDATE); 10813 return (0); 10814 } 10815 10816 /* Get interface MTU. */ 10817 /* ARGSUSED */ 10818 int 10819 ip_sioctl_get_mtu(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 10820 ip_ioctl_cmd_t *ipip, void *if_req) 10821 { 10822 struct ifreq *ifr; 10823 struct lifreq *lifr; 10824 10825 ip1dbg(("ip_sioctl_get_mtu(%s:%u %p)\n", 10826 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 10827 10828 /* 10829 * We allow a get on any logical interface even though the set 10830 * can only be done on logical unit 0. 10831 */ 10832 if (ipip->ipi_cmd_type == IF_CMD) { 10833 ifr = (struct ifreq *)if_req; 10834 ifr->ifr_metric = ipif->ipif_ill->ill_mtu; 10835 } else { 10836 lifr = (struct lifreq *)if_req; 10837 lifr->lifr_mtu = ipif->ipif_ill->ill_mtu; 10838 } 10839 return (0); 10840 } 10841 10842 /* Set interface broadcast address. */ 10843 /* ARGSUSED2 */ 10844 int 10845 ip_sioctl_brdaddr(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 10846 ip_ioctl_cmd_t *ipip, void *if_req) 10847 { 10848 ipaddr_t addr; 10849 ire_t *ire; 10850 ill_t *ill = ipif->ipif_ill; 10851 ip_stack_t *ipst = ill->ill_ipst; 10852 10853 ip1dbg(("ip_sioctl_brdaddr(%s:%u)\n", ill->ill_name, 10854 ipif->ipif_id)); 10855 10856 ASSERT(IAM_WRITER_IPIF(ipif)); 10857 if (!(ipif->ipif_flags & IPIF_BROADCAST)) 10858 return (EADDRNOTAVAIL); 10859 10860 ASSERT(!(ipif->ipif_isv6)); /* No IPv6 broadcast */ 10861 10862 if (sin->sin_family != AF_INET) 10863 return (EAFNOSUPPORT); 10864 10865 addr = sin->sin_addr.s_addr; 10866 10867 if (ipif->ipif_flags & IPIF_UP) { 10868 /* 10869 * If we are already up, make sure the new 10870 * broadcast address makes sense. If it does, 10871 * there should be an IRE for it already. 10872 */ 10873 ire = ire_ftable_lookup_v4(addr, 0, 0, IRE_BROADCAST, 10874 ill, ipif->ipif_zoneid, NULL, 10875 (MATCH_IRE_ILL | MATCH_IRE_TYPE), 0, ipst, NULL); 10876 if (ire == NULL) { 10877 return (EINVAL); 10878 } else { 10879 ire_refrele(ire); 10880 } 10881 } 10882 /* 10883 * Changing the broadcast addr for this ipif. Since the IRE_BROADCAST 10884 * needs to already exist we never need to change the set of 10885 * IRE_BROADCASTs when we are UP. 10886 */ 10887 if (addr != ipif->ipif_brd_addr) 10888 IN6_IPADDR_TO_V4MAPPED(addr, &ipif->ipif_v6brd_addr); 10889 10890 return (0); 10891 } 10892 10893 /* Get interface broadcast address. */ 10894 /* ARGSUSED */ 10895 int 10896 ip_sioctl_get_brdaddr(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 10897 ip_ioctl_cmd_t *ipip, void *if_req) 10898 { 10899 ip1dbg(("ip_sioctl_get_brdaddr(%s:%u %p)\n", 10900 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 10901 if (!(ipif->ipif_flags & IPIF_BROADCAST)) 10902 return (EADDRNOTAVAIL); 10903 10904 /* IPIF_BROADCAST not possible with IPv6 */ 10905 ASSERT(!ipif->ipif_isv6); 10906 *sin = sin_null; 10907 sin->sin_family = AF_INET; 10908 sin->sin_addr.s_addr = ipif->ipif_brd_addr; 10909 return (0); 10910 } 10911 10912 /* 10913 * This routine is called to handle the SIOCS*IFNETMASK IOCTL. 10914 */ 10915 /* ARGSUSED */ 10916 int 10917 ip_sioctl_netmask(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 10918 ip_ioctl_cmd_t *ipip, void *if_req) 10919 { 10920 int err = 0; 10921 in6_addr_t v6mask; 10922 10923 ip1dbg(("ip_sioctl_netmask(%s:%u %p)\n", 10924 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 10925 10926 ASSERT(IAM_WRITER_IPIF(ipif)); 10927 10928 if (ipif->ipif_isv6) { 10929 sin6_t *sin6; 10930 10931 if (sin->sin_family != AF_INET6) 10932 return (EAFNOSUPPORT); 10933 10934 sin6 = (sin6_t *)sin; 10935 v6mask = sin6->sin6_addr; 10936 } else { 10937 ipaddr_t mask; 10938 10939 if (sin->sin_family != AF_INET) 10940 return (EAFNOSUPPORT); 10941 10942 mask = sin->sin_addr.s_addr; 10943 if (!ip_contiguous_mask(ntohl(mask))) 10944 return (ENOTSUP); 10945 V4MASK_TO_V6(mask, v6mask); 10946 } 10947 10948 /* 10949 * No big deal if the interface isn't already up, or the mask 10950 * isn't really changing, or this is pt-pt. 10951 */ 10952 if (!(ipif->ipif_flags & IPIF_UP) || 10953 IN6_ARE_ADDR_EQUAL(&v6mask, &ipif->ipif_v6net_mask) || 10954 (ipif->ipif_flags & IPIF_POINTOPOINT)) { 10955 ipif->ipif_v6net_mask = v6mask; 10956 if ((ipif->ipif_flags & IPIF_POINTOPOINT) == 0) { 10957 V6_MASK_COPY(ipif->ipif_v6lcl_addr, 10958 ipif->ipif_v6net_mask, 10959 ipif->ipif_v6subnet); 10960 } 10961 return (0); 10962 } 10963 /* 10964 * Make sure we have valid net and subnet broadcast ire's 10965 * for the old netmask, if needed by other logical interfaces. 10966 */ 10967 err = ipif_logical_down(ipif, q, mp); 10968 if (err == EINPROGRESS) 10969 return (err); 10970 (void) ipif_down_tail(ipif); 10971 err = ip_sioctl_netmask_tail(ipif, sin, q, mp); 10972 return (err); 10973 } 10974 10975 static int 10976 ip_sioctl_netmask_tail(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp) 10977 { 10978 in6_addr_t v6mask; 10979 int err = 0; 10980 10981 ip1dbg(("ip_sioctl_netmask_tail(%s:%u %p)\n", 10982 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 10983 10984 if (ipif->ipif_isv6) { 10985 sin6_t *sin6; 10986 10987 sin6 = (sin6_t *)sin; 10988 v6mask = sin6->sin6_addr; 10989 } else { 10990 ipaddr_t mask; 10991 10992 mask = sin->sin_addr.s_addr; 10993 V4MASK_TO_V6(mask, v6mask); 10994 } 10995 10996 ipif->ipif_v6net_mask = v6mask; 10997 if ((ipif->ipif_flags & IPIF_POINTOPOINT) == 0) { 10998 V6_MASK_COPY(ipif->ipif_v6lcl_addr, ipif->ipif_v6net_mask, 10999 ipif->ipif_v6subnet); 11000 } 11001 err = ipif_up(ipif, q, mp); 11002 11003 if (err == 0 || err == EINPROGRESS) { 11004 /* 11005 * The interface must be DL_BOUND if this packet has to 11006 * go out on the wire. Since we only go through a logical 11007 * down and are bound with the driver during an internal 11008 * down/up that is satisfied. 11009 */ 11010 if (!ipif->ipif_isv6 && ipif->ipif_ill->ill_wq != NULL) { 11011 /* Potentially broadcast an address mask reply. */ 11012 ipif_mask_reply(ipif); 11013 } 11014 } 11015 return (err); 11016 } 11017 11018 /* ARGSUSED */ 11019 int 11020 ip_sioctl_netmask_restart(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 11021 ip_ioctl_cmd_t *ipip, void *if_req) 11022 { 11023 ip1dbg(("ip_sioctl_netmask_restart(%s:%u %p)\n", 11024 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11025 (void) ipif_down_tail(ipif); 11026 return (ip_sioctl_netmask_tail(ipif, sin, q, mp)); 11027 } 11028 11029 /* Get interface net mask. */ 11030 /* ARGSUSED */ 11031 int 11032 ip_sioctl_get_netmask(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 11033 ip_ioctl_cmd_t *ipip, void *if_req) 11034 { 11035 struct lifreq *lifr = (struct lifreq *)if_req; 11036 struct sockaddr_in6 *sin6 = (sin6_t *)sin; 11037 11038 ip1dbg(("ip_sioctl_get_netmask(%s:%u %p)\n", 11039 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11040 11041 /* 11042 * net mask can't change since we have a reference to the ipif. 11043 */ 11044 if (ipif->ipif_isv6) { 11045 ASSERT(ipip->ipi_cmd_type == LIF_CMD); 11046 *sin6 = sin6_null; 11047 sin6->sin6_family = AF_INET6; 11048 sin6->sin6_addr = ipif->ipif_v6net_mask; 11049 lifr->lifr_addrlen = 11050 ip_mask_to_plen_v6(&ipif->ipif_v6net_mask); 11051 } else { 11052 *sin = sin_null; 11053 sin->sin_family = AF_INET; 11054 sin->sin_addr.s_addr = ipif->ipif_net_mask; 11055 if (ipip->ipi_cmd_type == LIF_CMD) { 11056 lifr->lifr_addrlen = 11057 ip_mask_to_plen(ipif->ipif_net_mask); 11058 } 11059 } 11060 return (0); 11061 } 11062 11063 /* ARGSUSED */ 11064 int 11065 ip_sioctl_metric(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 11066 ip_ioctl_cmd_t *ipip, void *if_req) 11067 { 11068 ip1dbg(("ip_sioctl_metric(%s:%u %p)\n", 11069 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11070 11071 /* 11072 * Since no applications should ever be setting metrics on underlying 11073 * interfaces, we explicitly fail to smoke 'em out. 11074 */ 11075 if (IS_UNDER_IPMP(ipif->ipif_ill)) 11076 return (EINVAL); 11077 11078 /* 11079 * Set interface metric. We don't use this for 11080 * anything but we keep track of it in case it is 11081 * important to routing applications or such. 11082 */ 11083 if (ipip->ipi_cmd_type == IF_CMD) { 11084 struct ifreq *ifr; 11085 11086 ifr = (struct ifreq *)if_req; 11087 ipif->ipif_ill->ill_metric = ifr->ifr_metric; 11088 } else { 11089 struct lifreq *lifr; 11090 11091 lifr = (struct lifreq *)if_req; 11092 ipif->ipif_ill->ill_metric = lifr->lifr_metric; 11093 } 11094 return (0); 11095 } 11096 11097 /* ARGSUSED */ 11098 int 11099 ip_sioctl_get_metric(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 11100 ip_ioctl_cmd_t *ipip, void *if_req) 11101 { 11102 /* Get interface metric. */ 11103 ip1dbg(("ip_sioctl_get_metric(%s:%u %p)\n", 11104 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11105 11106 if (ipip->ipi_cmd_type == IF_CMD) { 11107 struct ifreq *ifr; 11108 11109 ifr = (struct ifreq *)if_req; 11110 ifr->ifr_metric = ipif->ipif_ill->ill_metric; 11111 } else { 11112 struct lifreq *lifr; 11113 11114 lifr = (struct lifreq *)if_req; 11115 lifr->lifr_metric = ipif->ipif_ill->ill_metric; 11116 } 11117 11118 return (0); 11119 } 11120 11121 /* ARGSUSED */ 11122 int 11123 ip_sioctl_muxid(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 11124 ip_ioctl_cmd_t *ipip, void *if_req) 11125 { 11126 int arp_muxid; 11127 11128 ip1dbg(("ip_sioctl_muxid(%s:%u %p)\n", 11129 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11130 /* 11131 * Set the muxid returned from I_PLINK. 11132 */ 11133 if (ipip->ipi_cmd_type == IF_CMD) { 11134 struct ifreq *ifr = (struct ifreq *)if_req; 11135 11136 ipif->ipif_ill->ill_muxid = ifr->ifr_ip_muxid; 11137 arp_muxid = ifr->ifr_arp_muxid; 11138 } else { 11139 struct lifreq *lifr = (struct lifreq *)if_req; 11140 11141 ipif->ipif_ill->ill_muxid = lifr->lifr_ip_muxid; 11142 arp_muxid = lifr->lifr_arp_muxid; 11143 } 11144 arl_set_muxid(ipif->ipif_ill, arp_muxid); 11145 return (0); 11146 } 11147 11148 /* ARGSUSED */ 11149 int 11150 ip_sioctl_get_muxid(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 11151 ip_ioctl_cmd_t *ipip, void *if_req) 11152 { 11153 int arp_muxid = 0; 11154 11155 ip1dbg(("ip_sioctl_get_muxid(%s:%u %p)\n", 11156 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11157 /* 11158 * Get the muxid saved in ill for I_PUNLINK. 11159 */ 11160 arp_muxid = arl_get_muxid(ipif->ipif_ill); 11161 if (ipip->ipi_cmd_type == IF_CMD) { 11162 struct ifreq *ifr = (struct ifreq *)if_req; 11163 11164 ifr->ifr_ip_muxid = ipif->ipif_ill->ill_muxid; 11165 ifr->ifr_arp_muxid = arp_muxid; 11166 } else { 11167 struct lifreq *lifr = (struct lifreq *)if_req; 11168 11169 lifr->lifr_ip_muxid = ipif->ipif_ill->ill_muxid; 11170 lifr->lifr_arp_muxid = arp_muxid; 11171 } 11172 return (0); 11173 } 11174 11175 /* 11176 * Set the subnet prefix. Does not modify the broadcast address. 11177 */ 11178 /* ARGSUSED */ 11179 int 11180 ip_sioctl_subnet(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 11181 ip_ioctl_cmd_t *ipip, void *if_req) 11182 { 11183 int err = 0; 11184 in6_addr_t v6addr; 11185 in6_addr_t v6mask; 11186 boolean_t need_up = B_FALSE; 11187 int addrlen; 11188 11189 ip1dbg(("ip_sioctl_subnet(%s:%u %p)\n", 11190 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11191 11192 ASSERT(IAM_WRITER_IPIF(ipif)); 11193 addrlen = ((struct lifreq *)if_req)->lifr_addrlen; 11194 11195 if (ipif->ipif_isv6) { 11196 sin6_t *sin6; 11197 11198 if (sin->sin_family != AF_INET6) 11199 return (EAFNOSUPPORT); 11200 11201 sin6 = (sin6_t *)sin; 11202 v6addr = sin6->sin6_addr; 11203 if (!ip_remote_addr_ok_v6(&v6addr, &ipv6_all_ones)) 11204 return (EADDRNOTAVAIL); 11205 } else { 11206 ipaddr_t addr; 11207 11208 if (sin->sin_family != AF_INET) 11209 return (EAFNOSUPPORT); 11210 11211 addr = sin->sin_addr.s_addr; 11212 if (!ip_addr_ok_v4(addr, 0xFFFFFFFF)) 11213 return (EADDRNOTAVAIL); 11214 IN6_IPADDR_TO_V4MAPPED(addr, &v6addr); 11215 /* Add 96 bits */ 11216 addrlen += IPV6_ABITS - IP_ABITS; 11217 } 11218 11219 if (ip_plen_to_mask_v6(addrlen, &v6mask) == NULL) 11220 return (EINVAL); 11221 11222 /* Check if bits in the address is set past the mask */ 11223 if (!V6_MASK_EQ(v6addr, v6mask, v6addr)) 11224 return (EINVAL); 11225 11226 if (IN6_ARE_ADDR_EQUAL(&ipif->ipif_v6subnet, &v6addr) && 11227 IN6_ARE_ADDR_EQUAL(&ipif->ipif_v6net_mask, &v6mask)) 11228 return (0); /* No change */ 11229 11230 if (ipif->ipif_flags & IPIF_UP) { 11231 /* 11232 * If the interface is already marked up, 11233 * we call ipif_down which will take care 11234 * of ditching any IREs that have been set 11235 * up based on the old interface address. 11236 */ 11237 err = ipif_logical_down(ipif, q, mp); 11238 if (err == EINPROGRESS) 11239 return (err); 11240 (void) ipif_down_tail(ipif); 11241 need_up = B_TRUE; 11242 } 11243 11244 err = ip_sioctl_subnet_tail(ipif, v6addr, v6mask, q, mp, need_up); 11245 return (err); 11246 } 11247 11248 static int 11249 ip_sioctl_subnet_tail(ipif_t *ipif, in6_addr_t v6addr, in6_addr_t v6mask, 11250 queue_t *q, mblk_t *mp, boolean_t need_up) 11251 { 11252 ill_t *ill = ipif->ipif_ill; 11253 int err = 0; 11254 11255 ip1dbg(("ip_sioctl_subnet_tail(%s:%u %p)\n", 11256 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11257 11258 /* Set the new address. */ 11259 mutex_enter(&ill->ill_lock); 11260 ipif->ipif_v6net_mask = v6mask; 11261 if ((ipif->ipif_flags & IPIF_POINTOPOINT) == 0) { 11262 V6_MASK_COPY(v6addr, ipif->ipif_v6net_mask, 11263 ipif->ipif_v6subnet); 11264 } 11265 mutex_exit(&ill->ill_lock); 11266 11267 if (need_up) { 11268 /* 11269 * Now bring the interface back up. If this 11270 * is the only IPIF for the ILL, ipif_up 11271 * will have to re-bind to the device, so 11272 * we may get back EINPROGRESS, in which 11273 * case, this IOCTL will get completed in 11274 * ip_rput_dlpi when we see the DL_BIND_ACK. 11275 */ 11276 err = ipif_up(ipif, q, mp); 11277 if (err == EINPROGRESS) 11278 return (err); 11279 } 11280 return (err); 11281 } 11282 11283 /* ARGSUSED */ 11284 int 11285 ip_sioctl_subnet_restart(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 11286 ip_ioctl_cmd_t *ipip, void *if_req) 11287 { 11288 int addrlen; 11289 in6_addr_t v6addr; 11290 in6_addr_t v6mask; 11291 struct lifreq *lifr = (struct lifreq *)if_req; 11292 11293 ip1dbg(("ip_sioctl_subnet_restart(%s:%u %p)\n", 11294 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11295 (void) ipif_down_tail(ipif); 11296 11297 addrlen = lifr->lifr_addrlen; 11298 if (ipif->ipif_isv6) { 11299 sin6_t *sin6; 11300 11301 sin6 = (sin6_t *)sin; 11302 v6addr = sin6->sin6_addr; 11303 } else { 11304 ipaddr_t addr; 11305 11306 addr = sin->sin_addr.s_addr; 11307 IN6_IPADDR_TO_V4MAPPED(addr, &v6addr); 11308 addrlen += IPV6_ABITS - IP_ABITS; 11309 } 11310 (void) ip_plen_to_mask_v6(addrlen, &v6mask); 11311 11312 return (ip_sioctl_subnet_tail(ipif, v6addr, v6mask, q, mp, B_TRUE)); 11313 } 11314 11315 /* ARGSUSED */ 11316 int 11317 ip_sioctl_get_subnet(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 11318 ip_ioctl_cmd_t *ipip, void *if_req) 11319 { 11320 struct lifreq *lifr = (struct lifreq *)if_req; 11321 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sin; 11322 11323 ip1dbg(("ip_sioctl_get_subnet(%s:%u %p)\n", 11324 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11325 ASSERT(ipip->ipi_cmd_type == LIF_CMD); 11326 11327 if (ipif->ipif_isv6) { 11328 *sin6 = sin6_null; 11329 sin6->sin6_family = AF_INET6; 11330 sin6->sin6_addr = ipif->ipif_v6subnet; 11331 lifr->lifr_addrlen = 11332 ip_mask_to_plen_v6(&ipif->ipif_v6net_mask); 11333 } else { 11334 *sin = sin_null; 11335 sin->sin_family = AF_INET; 11336 sin->sin_addr.s_addr = ipif->ipif_subnet; 11337 lifr->lifr_addrlen = ip_mask_to_plen(ipif->ipif_net_mask); 11338 } 11339 return (0); 11340 } 11341 11342 /* 11343 * Set the IPv6 address token. 11344 */ 11345 /* ARGSUSED */ 11346 int 11347 ip_sioctl_token(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 11348 ip_ioctl_cmd_t *ipi, void *if_req) 11349 { 11350 ill_t *ill = ipif->ipif_ill; 11351 int err; 11352 in6_addr_t v6addr; 11353 in6_addr_t v6mask; 11354 boolean_t need_up = B_FALSE; 11355 int i; 11356 sin6_t *sin6 = (sin6_t *)sin; 11357 struct lifreq *lifr = (struct lifreq *)if_req; 11358 int addrlen; 11359 11360 ip1dbg(("ip_sioctl_token(%s:%u %p)\n", 11361 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11362 ASSERT(IAM_WRITER_IPIF(ipif)); 11363 11364 addrlen = lifr->lifr_addrlen; 11365 /* Only allow for logical unit zero i.e. not on "le0:17" */ 11366 if (ipif->ipif_id != 0) 11367 return (EINVAL); 11368 11369 if (!ipif->ipif_isv6) 11370 return (EINVAL); 11371 11372 if (addrlen > IPV6_ABITS) 11373 return (EINVAL); 11374 11375 v6addr = sin6->sin6_addr; 11376 11377 /* 11378 * The length of the token is the length from the end. To get 11379 * the proper mask for this, compute the mask of the bits not 11380 * in the token; ie. the prefix, and then xor to get the mask. 11381 */ 11382 if (ip_plen_to_mask_v6(IPV6_ABITS - addrlen, &v6mask) == NULL) 11383 return (EINVAL); 11384 for (i = 0; i < 4; i++) { 11385 v6mask.s6_addr32[i] ^= (uint32_t)0xffffffff; 11386 } 11387 11388 if (V6_MASK_EQ(v6addr, v6mask, ill->ill_token) && 11389 ill->ill_token_length == addrlen) 11390 return (0); /* No change */ 11391 11392 if (ipif->ipif_flags & IPIF_UP) { 11393 err = ipif_logical_down(ipif, q, mp); 11394 if (err == EINPROGRESS) 11395 return (err); 11396 (void) ipif_down_tail(ipif); 11397 need_up = B_TRUE; 11398 } 11399 err = ip_sioctl_token_tail(ipif, sin6, addrlen, q, mp, need_up); 11400 return (err); 11401 } 11402 11403 static int 11404 ip_sioctl_token_tail(ipif_t *ipif, sin6_t *sin6, int addrlen, queue_t *q, 11405 mblk_t *mp, boolean_t need_up) 11406 { 11407 in6_addr_t v6addr; 11408 in6_addr_t v6mask; 11409 ill_t *ill = ipif->ipif_ill; 11410 int i; 11411 int err = 0; 11412 11413 ip1dbg(("ip_sioctl_token_tail(%s:%u %p)\n", 11414 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11415 v6addr = sin6->sin6_addr; 11416 /* 11417 * The length of the token is the length from the end. To get 11418 * the proper mask for this, compute the mask of the bits not 11419 * in the token; ie. the prefix, and then xor to get the mask. 11420 */ 11421 (void) ip_plen_to_mask_v6(IPV6_ABITS - addrlen, &v6mask); 11422 for (i = 0; i < 4; i++) 11423 v6mask.s6_addr32[i] ^= (uint32_t)0xffffffff; 11424 11425 mutex_enter(&ill->ill_lock); 11426 V6_MASK_COPY(v6addr, v6mask, ill->ill_token); 11427 ill->ill_token_length = addrlen; 11428 ill->ill_manual_token = 1; 11429 11430 /* Reconfigure the link-local address based on this new token */ 11431 ipif_setlinklocal(ill->ill_ipif); 11432 11433 mutex_exit(&ill->ill_lock); 11434 11435 if (need_up) { 11436 /* 11437 * Now bring the interface back up. If this 11438 * is the only IPIF for the ILL, ipif_up 11439 * will have to re-bind to the device, so 11440 * we may get back EINPROGRESS, in which 11441 * case, this IOCTL will get completed in 11442 * ip_rput_dlpi when we see the DL_BIND_ACK. 11443 */ 11444 err = ipif_up(ipif, q, mp); 11445 if (err == EINPROGRESS) 11446 return (err); 11447 } 11448 return (err); 11449 } 11450 11451 /* ARGSUSED */ 11452 int 11453 ip_sioctl_get_token(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 11454 ip_ioctl_cmd_t *ipi, void *if_req) 11455 { 11456 ill_t *ill; 11457 sin6_t *sin6 = (sin6_t *)sin; 11458 struct lifreq *lifr = (struct lifreq *)if_req; 11459 11460 ip1dbg(("ip_sioctl_get_token(%s:%u %p)\n", 11461 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11462 if (ipif->ipif_id != 0) 11463 return (EINVAL); 11464 11465 ill = ipif->ipif_ill; 11466 if (!ill->ill_isv6) 11467 return (ENXIO); 11468 11469 *sin6 = sin6_null; 11470 sin6->sin6_family = AF_INET6; 11471 ASSERT(!IN6_IS_ADDR_V4MAPPED(&ill->ill_token)); 11472 sin6->sin6_addr = ill->ill_token; 11473 lifr->lifr_addrlen = ill->ill_token_length; 11474 return (0); 11475 } 11476 11477 /* 11478 * Set (hardware) link specific information that might override 11479 * what was acquired through the DL_INFO_ACK. 11480 */ 11481 /* ARGSUSED */ 11482 int 11483 ip_sioctl_lnkinfo(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 11484 ip_ioctl_cmd_t *ipi, void *if_req) 11485 { 11486 ill_t *ill = ipif->ipif_ill; 11487 int ip_min_mtu; 11488 struct lifreq *lifr = (struct lifreq *)if_req; 11489 lif_ifinfo_req_t *lir; 11490 11491 ip1dbg(("ip_sioctl_lnkinfo(%s:%u %p)\n", 11492 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11493 lir = &lifr->lifr_ifinfo; 11494 ASSERT(IAM_WRITER_IPIF(ipif)); 11495 11496 /* Only allow for logical unit zero i.e. not on "bge0:17" */ 11497 if (ipif->ipif_id != 0) 11498 return (EINVAL); 11499 11500 /* Set interface MTU. */ 11501 if (ipif->ipif_isv6) 11502 ip_min_mtu = IPV6_MIN_MTU; 11503 else 11504 ip_min_mtu = IP_MIN_MTU; 11505 11506 /* 11507 * Verify values before we set anything. Allow zero to 11508 * mean unspecified. 11509 * 11510 * XXX We should be able to set the user-defined lir_mtu to some value 11511 * that is greater than ill_current_frag but less than ill_max_frag- the 11512 * ill_max_frag value tells us the max MTU that can be handled by the 11513 * datalink, whereas the ill_current_frag is dynamically computed for 11514 * some link-types like tunnels, based on the tunnel PMTU. However, 11515 * since there is currently no way of distinguishing between 11516 * administratively fixed link mtu values (e.g., those set via 11517 * /sbin/dladm) and dynamically discovered MTUs (e.g., those discovered 11518 * for tunnels) we conservatively choose the ill_current_frag as the 11519 * upper-bound. 11520 */ 11521 if (lir->lir_maxmtu != 0 && 11522 (lir->lir_maxmtu > ill->ill_current_frag || 11523 lir->lir_maxmtu < ip_min_mtu)) 11524 return (EINVAL); 11525 if (lir->lir_reachtime != 0 && 11526 lir->lir_reachtime > ND_MAX_REACHTIME) 11527 return (EINVAL); 11528 if (lir->lir_reachretrans != 0 && 11529 lir->lir_reachretrans > ND_MAX_REACHRETRANSTIME) 11530 return (EINVAL); 11531 11532 mutex_enter(&ill->ill_lock); 11533 /* 11534 * The dce and fragmentation code can handle changes to ill_mtu 11535 * concurrent with sending/fragmenting packets. 11536 */ 11537 if (lir->lir_maxmtu != 0) 11538 ill->ill_user_mtu = lir->lir_maxmtu; 11539 11540 if (lir->lir_reachtime != 0) 11541 ill->ill_reachable_time = lir->lir_reachtime; 11542 11543 if (lir->lir_reachretrans != 0) 11544 ill->ill_reachable_retrans_time = lir->lir_reachretrans; 11545 11546 ill->ill_max_hops = lir->lir_maxhops; 11547 ill->ill_max_buf = ND_MAX_Q; 11548 if (!(ill->ill_flags & ILLF_FIXEDMTU) && ill->ill_user_mtu != 0) { 11549 /* 11550 * ill_mtu is the actual interface MTU, obtained as the min 11551 * of user-configured mtu and the value announced by the 11552 * driver (via DL_NOTE_SDU_SIZE/DL_INFO_ACK). Note that since 11553 * we have already made the choice of requiring 11554 * ill_user_mtu < ill_current_frag by the time we get here, 11555 * the ill_mtu effectively gets assigned to the ill_user_mtu 11556 * here. 11557 */ 11558 ill->ill_mtu = MIN(ill->ill_current_frag, ill->ill_user_mtu); 11559 } 11560 mutex_exit(&ill->ill_lock); 11561 11562 /* 11563 * Make sure all dce_generation checks find out 11564 * that ill_mtu has changed. 11565 */ 11566 if (!(ill->ill_flags & ILLF_FIXEDMTU) && (lir->lir_maxmtu != 0)) 11567 dce_increment_all_generations(ill->ill_isv6, ill->ill_ipst); 11568 11569 /* 11570 * Refresh IPMP meta-interface MTU if necessary. 11571 */ 11572 if (IS_UNDER_IPMP(ill)) 11573 ipmp_illgrp_refresh_mtu(ill->ill_grp); 11574 11575 return (0); 11576 } 11577 11578 /* ARGSUSED */ 11579 int 11580 ip_sioctl_get_lnkinfo(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 11581 ip_ioctl_cmd_t *ipi, void *if_req) 11582 { 11583 struct lif_ifinfo_req *lir; 11584 ill_t *ill = ipif->ipif_ill; 11585 11586 ip1dbg(("ip_sioctl_get_lnkinfo(%s:%u %p)\n", 11587 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 11588 if (ipif->ipif_id != 0) 11589 return (EINVAL); 11590 11591 lir = &((struct lifreq *)if_req)->lifr_ifinfo; 11592 lir->lir_maxhops = ill->ill_max_hops; 11593 lir->lir_reachtime = ill->ill_reachable_time; 11594 lir->lir_reachretrans = ill->ill_reachable_retrans_time; 11595 lir->lir_maxmtu = ill->ill_mtu; 11596 11597 return (0); 11598 } 11599 11600 /* 11601 * Return best guess as to the subnet mask for the specified address. 11602 * Based on the subnet masks for all the configured interfaces. 11603 * 11604 * We end up returning a zero mask in the case of default, multicast or 11605 * experimental. 11606 */ 11607 static ipaddr_t 11608 ip_subnet_mask(ipaddr_t addr, ipif_t **ipifp, ip_stack_t *ipst) 11609 { 11610 ipaddr_t net_mask; 11611 ill_t *ill; 11612 ipif_t *ipif; 11613 ill_walk_context_t ctx; 11614 ipif_t *fallback_ipif = NULL; 11615 11616 net_mask = ip_net_mask(addr); 11617 if (net_mask == 0) { 11618 *ipifp = NULL; 11619 return (0); 11620 } 11621 11622 /* Let's check to see if this is maybe a local subnet route. */ 11623 /* this function only applies to IPv4 interfaces */ 11624 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 11625 ill = ILL_START_WALK_V4(&ctx, ipst); 11626 for (; ill != NULL; ill = ill_next(&ctx, ill)) { 11627 mutex_enter(&ill->ill_lock); 11628 for (ipif = ill->ill_ipif; ipif != NULL; 11629 ipif = ipif->ipif_next) { 11630 if (IPIF_IS_CONDEMNED(ipif)) 11631 continue; 11632 if (!(ipif->ipif_flags & IPIF_UP)) 11633 continue; 11634 if ((ipif->ipif_subnet & net_mask) == 11635 (addr & net_mask)) { 11636 /* 11637 * Don't trust pt-pt interfaces if there are 11638 * other interfaces. 11639 */ 11640 if (ipif->ipif_flags & IPIF_POINTOPOINT) { 11641 if (fallback_ipif == NULL) { 11642 ipif_refhold_locked(ipif); 11643 fallback_ipif = ipif; 11644 } 11645 continue; 11646 } 11647 11648 /* 11649 * Fine. Just assume the same net mask as the 11650 * directly attached subnet interface is using. 11651 */ 11652 ipif_refhold_locked(ipif); 11653 mutex_exit(&ill->ill_lock); 11654 rw_exit(&ipst->ips_ill_g_lock); 11655 if (fallback_ipif != NULL) 11656 ipif_refrele(fallback_ipif); 11657 *ipifp = ipif; 11658 return (ipif->ipif_net_mask); 11659 } 11660 } 11661 mutex_exit(&ill->ill_lock); 11662 } 11663 rw_exit(&ipst->ips_ill_g_lock); 11664 11665 *ipifp = fallback_ipif; 11666 return ((fallback_ipif != NULL) ? 11667 fallback_ipif->ipif_net_mask : net_mask); 11668 } 11669 11670 /* 11671 * ip_sioctl_copyin_setup calls ip_wput_ioctl to process the IP_IOCTL ioctl. 11672 */ 11673 static void 11674 ip_wput_ioctl(queue_t *q, mblk_t *mp) 11675 { 11676 IOCP iocp; 11677 ipft_t *ipft; 11678 ipllc_t *ipllc; 11679 mblk_t *mp1; 11680 cred_t *cr; 11681 int error = 0; 11682 conn_t *connp; 11683 11684 ip1dbg(("ip_wput_ioctl")); 11685 iocp = (IOCP)mp->b_rptr; 11686 mp1 = mp->b_cont; 11687 if (mp1 == NULL) { 11688 iocp->ioc_error = EINVAL; 11689 mp->b_datap->db_type = M_IOCNAK; 11690 iocp->ioc_count = 0; 11691 qreply(q, mp); 11692 return; 11693 } 11694 11695 /* 11696 * These IOCTLs provide various control capabilities to 11697 * upstream agents such as ULPs and processes. There 11698 * are currently two such IOCTLs implemented. They 11699 * are used by TCP to provide update information for 11700 * existing IREs and to forcibly delete an IRE for a 11701 * host that is not responding, thereby forcing an 11702 * attempt at a new route. 11703 */ 11704 iocp->ioc_error = EINVAL; 11705 if (!pullupmsg(mp1, sizeof (ipllc->ipllc_cmd))) 11706 goto done; 11707 11708 ipllc = (ipllc_t *)mp1->b_rptr; 11709 for (ipft = ip_ioctl_ftbl; ipft->ipft_pfi; ipft++) { 11710 if (ipllc->ipllc_cmd == ipft->ipft_cmd) 11711 break; 11712 } 11713 /* 11714 * prefer credential from mblk over ioctl; 11715 * see ip_sioctl_copyin_setup 11716 */ 11717 cr = msg_getcred(mp, NULL); 11718 if (cr == NULL) 11719 cr = iocp->ioc_cr; 11720 11721 /* 11722 * Refhold the conn in case the request gets queued up in some lookup 11723 */ 11724 ASSERT(CONN_Q(q)); 11725 connp = Q_TO_CONN(q); 11726 CONN_INC_REF(connp); 11727 CONN_INC_IOCTLREF(connp); 11728 if (ipft->ipft_pfi && 11729 ((mp1->b_wptr - mp1->b_rptr) >= ipft->ipft_min_size || 11730 pullupmsg(mp1, ipft->ipft_min_size))) { 11731 error = (*ipft->ipft_pfi)(q, 11732 (ipft->ipft_flags & IPFT_F_SELF_REPLY) ? mp : mp1, cr); 11733 } 11734 if (ipft->ipft_flags & IPFT_F_SELF_REPLY) { 11735 /* 11736 * CONN_OPER_PENDING_DONE happens in the function called 11737 * through ipft_pfi above. 11738 */ 11739 return; 11740 } 11741 11742 CONN_DEC_IOCTLREF(connp); 11743 CONN_OPER_PENDING_DONE(connp); 11744 if (ipft->ipft_flags & IPFT_F_NO_REPLY) { 11745 freemsg(mp); 11746 return; 11747 } 11748 iocp->ioc_error = error; 11749 11750 done: 11751 mp->b_datap->db_type = M_IOCACK; 11752 if (iocp->ioc_error) 11753 iocp->ioc_count = 0; 11754 qreply(q, mp); 11755 } 11756 11757 /* 11758 * Assign a unique id for the ipif. This is used by sctp_addr.c 11759 * Note: remove if sctp_addr.c is redone to not shadow ill/ipif data structures. 11760 */ 11761 static void 11762 ipif_assign_seqid(ipif_t *ipif) 11763 { 11764 ip_stack_t *ipst = ipif->ipif_ill->ill_ipst; 11765 11766 ipif->ipif_seqid = atomic_add_64_nv(&ipst->ips_ipif_g_seqid, 1); 11767 } 11768 11769 /* 11770 * Clone the contents of `sipif' to `dipif'. Requires that both ipifs are 11771 * administratively down (i.e., no DAD), of the same type, and locked. Note 11772 * that the clone is complete -- including the seqid -- and the expectation is 11773 * that the caller will either free or overwrite `sipif' before it's unlocked. 11774 */ 11775 static void 11776 ipif_clone(const ipif_t *sipif, ipif_t *dipif) 11777 { 11778 ASSERT(MUTEX_HELD(&sipif->ipif_ill->ill_lock)); 11779 ASSERT(MUTEX_HELD(&dipif->ipif_ill->ill_lock)); 11780 ASSERT(!(sipif->ipif_flags & (IPIF_UP|IPIF_DUPLICATE))); 11781 ASSERT(!(dipif->ipif_flags & (IPIF_UP|IPIF_DUPLICATE))); 11782 ASSERT(sipif->ipif_ire_type == dipif->ipif_ire_type); 11783 11784 dipif->ipif_flags = sipif->ipif_flags; 11785 dipif->ipif_zoneid = sipif->ipif_zoneid; 11786 dipif->ipif_v6subnet = sipif->ipif_v6subnet; 11787 dipif->ipif_v6lcl_addr = sipif->ipif_v6lcl_addr; 11788 dipif->ipif_v6net_mask = sipif->ipif_v6net_mask; 11789 dipif->ipif_v6brd_addr = sipif->ipif_v6brd_addr; 11790 dipif->ipif_v6pp_dst_addr = sipif->ipif_v6pp_dst_addr; 11791 11792 /* 11793 * As per the comment atop the function, we assume that these sipif 11794 * fields will be changed before sipif is unlocked. 11795 */ 11796 dipif->ipif_seqid = sipif->ipif_seqid; 11797 dipif->ipif_state_flags = sipif->ipif_state_flags; 11798 } 11799 11800 /* 11801 * Transfer the contents of `sipif' to `dipif', and then free (if `virgipif' 11802 * is NULL) or overwrite `sipif' with `virgipif', which must be a virgin 11803 * (unreferenced) ipif. Also, if `sipif' is used by the current xop, then 11804 * transfer the xop to `dipif'. Requires that all ipifs are administratively 11805 * down (i.e., no DAD), of the same type, and unlocked. 11806 */ 11807 static void 11808 ipif_transfer(ipif_t *sipif, ipif_t *dipif, ipif_t *virgipif) 11809 { 11810 ipsq_t *ipsq = sipif->ipif_ill->ill_phyint->phyint_ipsq; 11811 ipxop_t *ipx = ipsq->ipsq_xop; 11812 11813 ASSERT(sipif != dipif); 11814 ASSERT(sipif != virgipif); 11815 11816 /* 11817 * Grab all of the locks that protect the ipif in a defined order. 11818 */ 11819 GRAB_ILL_LOCKS(sipif->ipif_ill, dipif->ipif_ill); 11820 11821 ipif_clone(sipif, dipif); 11822 if (virgipif != NULL) { 11823 ipif_clone(virgipif, sipif); 11824 mi_free(virgipif); 11825 } 11826 11827 RELEASE_ILL_LOCKS(sipif->ipif_ill, dipif->ipif_ill); 11828 11829 /* 11830 * Transfer ownership of the current xop, if necessary. 11831 */ 11832 if (ipx->ipx_current_ipif == sipif) { 11833 ASSERT(ipx->ipx_pending_ipif == NULL); 11834 mutex_enter(&ipx->ipx_lock); 11835 ipx->ipx_current_ipif = dipif; 11836 mutex_exit(&ipx->ipx_lock); 11837 } 11838 11839 if (virgipif == NULL) 11840 mi_free(sipif); 11841 } 11842 11843 /* 11844 * checks if: 11845 * - <ill_name>:<ipif_id> is at most LIFNAMSIZ - 1 and 11846 * - logical interface is within the allowed range 11847 */ 11848 static int 11849 is_lifname_valid(ill_t *ill, unsigned int ipif_id) 11850 { 11851 if (snprintf(NULL, 0, "%s:%d", ill->ill_name, ipif_id) >= LIFNAMSIZ) 11852 return (ENAMETOOLONG); 11853 11854 if (ipif_id >= ill->ill_ipst->ips_ip_addrs_per_if) 11855 return (ERANGE); 11856 return (0); 11857 } 11858 11859 /* 11860 * Insert the ipif, so that the list of ipifs on the ill will be sorted 11861 * with respect to ipif_id. Note that an ipif with an ipif_id of -1 will 11862 * be inserted into the first space available in the list. The value of 11863 * ipif_id will then be set to the appropriate value for its position. 11864 */ 11865 static int 11866 ipif_insert(ipif_t *ipif, boolean_t acquire_g_lock) 11867 { 11868 ill_t *ill; 11869 ipif_t *tipif; 11870 ipif_t **tipifp; 11871 int id, err; 11872 ip_stack_t *ipst; 11873 11874 ASSERT(ipif->ipif_ill->ill_net_type == IRE_LOOPBACK || 11875 IAM_WRITER_IPIF(ipif)); 11876 11877 ill = ipif->ipif_ill; 11878 ASSERT(ill != NULL); 11879 ipst = ill->ill_ipst; 11880 11881 /* 11882 * In the case of lo0:0 we already hold the ill_g_lock. 11883 * ill_lookup_on_name (acquires ill_g_lock) -> ipif_allocate -> 11884 * ipif_insert. 11885 */ 11886 if (acquire_g_lock) 11887 rw_enter(&ipst->ips_ill_g_lock, RW_WRITER); 11888 mutex_enter(&ill->ill_lock); 11889 id = ipif->ipif_id; 11890 tipifp = &(ill->ill_ipif); 11891 if (id == -1) { /* need to find a real id */ 11892 id = 0; 11893 while ((tipif = *tipifp) != NULL) { 11894 ASSERT(tipif->ipif_id >= id); 11895 if (tipif->ipif_id != id) 11896 break; /* non-consecutive id */ 11897 id++; 11898 tipifp = &(tipif->ipif_next); 11899 } 11900 if ((err = is_lifname_valid(ill, id)) != 0) { 11901 mutex_exit(&ill->ill_lock); 11902 if (acquire_g_lock) 11903 rw_exit(&ipst->ips_ill_g_lock); 11904 return (err); 11905 } 11906 ipif->ipif_id = id; /* assign new id */ 11907 } else if ((err = is_lifname_valid(ill, id)) == 0) { 11908 /* we have a real id; insert ipif in the right place */ 11909 while ((tipif = *tipifp) != NULL) { 11910 ASSERT(tipif->ipif_id != id); 11911 if (tipif->ipif_id > id) 11912 break; /* found correct location */ 11913 tipifp = &(tipif->ipif_next); 11914 } 11915 } else { 11916 mutex_exit(&ill->ill_lock); 11917 if (acquire_g_lock) 11918 rw_exit(&ipst->ips_ill_g_lock); 11919 return (err); 11920 } 11921 11922 ASSERT(tipifp != &(ill->ill_ipif) || id == 0); 11923 11924 ipif->ipif_next = tipif; 11925 *tipifp = ipif; 11926 mutex_exit(&ill->ill_lock); 11927 if (acquire_g_lock) 11928 rw_exit(&ipst->ips_ill_g_lock); 11929 11930 return (0); 11931 } 11932 11933 static void 11934 ipif_remove(ipif_t *ipif) 11935 { 11936 ipif_t **ipifp; 11937 ill_t *ill = ipif->ipif_ill; 11938 11939 ASSERT(RW_WRITE_HELD(&ill->ill_ipst->ips_ill_g_lock)); 11940 11941 mutex_enter(&ill->ill_lock); 11942 ipifp = &ill->ill_ipif; 11943 for (; *ipifp != NULL; ipifp = &ipifp[0]->ipif_next) { 11944 if (*ipifp == ipif) { 11945 *ipifp = ipif->ipif_next; 11946 break; 11947 } 11948 } 11949 mutex_exit(&ill->ill_lock); 11950 } 11951 11952 /* 11953 * Allocate and initialize a new interface control structure. (Always 11954 * called as writer.) 11955 * When ipif_allocate() is called from ip_ll_subnet_defaults, the ill 11956 * is not part of the global linked list of ills. ipif_seqid is unique 11957 * in the system and to preserve the uniqueness, it is assigned only 11958 * when ill becomes part of the global list. At that point ill will 11959 * have a name. If it doesn't get assigned here, it will get assigned 11960 * in ipif_set_values() as part of SIOCSLIFNAME processing. 11961 * Aditionally, if we come here from ip_ll_subnet_defaults, we don't set 11962 * the interface flags or any other information from the DL_INFO_ACK for 11963 * DL_STYLE2 drivers (initialize == B_FALSE), since we won't have them at 11964 * this point. The flags etc. will be set in ip_ll_subnet_defaults when the 11965 * second DL_INFO_ACK comes in from the driver. 11966 */ 11967 static ipif_t * 11968 ipif_allocate(ill_t *ill, int id, uint_t ire_type, boolean_t initialize, 11969 boolean_t insert, int *errorp) 11970 { 11971 int err; 11972 ipif_t *ipif; 11973 ip_stack_t *ipst = ill->ill_ipst; 11974 11975 ip1dbg(("ipif_allocate(%s:%d ill %p)\n", 11976 ill->ill_name, id, (void *)ill)); 11977 ASSERT(ire_type == IRE_LOOPBACK || IAM_WRITER_ILL(ill)); 11978 11979 if (errorp != NULL) 11980 *errorp = 0; 11981 11982 if ((ipif = mi_alloc(sizeof (ipif_t), BPRI_MED)) == NULL) { 11983 if (errorp != NULL) 11984 *errorp = ENOMEM; 11985 return (NULL); 11986 } 11987 *ipif = ipif_zero; /* start clean */ 11988 11989 ipif->ipif_ill = ill; 11990 ipif->ipif_id = id; /* could be -1 */ 11991 /* 11992 * Inherit the zoneid from the ill; for the shared stack instance 11993 * this is always the global zone 11994 */ 11995 ipif->ipif_zoneid = ill->ill_zoneid; 11996 11997 ipif->ipif_refcnt = 0; 11998 11999 if (insert) { 12000 if ((err = ipif_insert(ipif, ire_type != IRE_LOOPBACK)) != 0) { 12001 mi_free(ipif); 12002 if (errorp != NULL) 12003 *errorp = err; 12004 return (NULL); 12005 } 12006 /* -1 id should have been replaced by real id */ 12007 id = ipif->ipif_id; 12008 ASSERT(id >= 0); 12009 } 12010 12011 if (ill->ill_name[0] != '\0') 12012 ipif_assign_seqid(ipif); 12013 12014 /* 12015 * If this is the zeroth ipif on the IPMP ill, create the illgrp 12016 * (which must not exist yet because the zeroth ipif is created once 12017 * per ill). However, do not not link it to the ipmp_grp_t until 12018 * I_PLINK is called; see ip_sioctl_plink_ipmp() for details. 12019 */ 12020 if (id == 0 && IS_IPMP(ill)) { 12021 if (ipmp_illgrp_create(ill) == NULL) { 12022 if (insert) { 12023 rw_enter(&ipst->ips_ill_g_lock, RW_WRITER); 12024 ipif_remove(ipif); 12025 rw_exit(&ipst->ips_ill_g_lock); 12026 } 12027 mi_free(ipif); 12028 if (errorp != NULL) 12029 *errorp = ENOMEM; 12030 return (NULL); 12031 } 12032 } 12033 12034 /* 12035 * We grab ill_lock to protect the flag changes. The ipif is still 12036 * not up and can't be looked up until the ioctl completes and the 12037 * IPIF_CHANGING flag is cleared. 12038 */ 12039 mutex_enter(&ill->ill_lock); 12040 12041 ipif->ipif_ire_type = ire_type; 12042 12043 if (ipif->ipif_isv6) { 12044 ill->ill_flags |= ILLF_IPV6; 12045 } else { 12046 ipaddr_t inaddr_any = INADDR_ANY; 12047 12048 ill->ill_flags |= ILLF_IPV4; 12049 12050 /* Keep the IN6_IS_ADDR_V4MAPPED assertions happy */ 12051 IN6_IPADDR_TO_V4MAPPED(inaddr_any, 12052 &ipif->ipif_v6lcl_addr); 12053 IN6_IPADDR_TO_V4MAPPED(inaddr_any, 12054 &ipif->ipif_v6subnet); 12055 IN6_IPADDR_TO_V4MAPPED(inaddr_any, 12056 &ipif->ipif_v6net_mask); 12057 IN6_IPADDR_TO_V4MAPPED(inaddr_any, 12058 &ipif->ipif_v6brd_addr); 12059 IN6_IPADDR_TO_V4MAPPED(inaddr_any, 12060 &ipif->ipif_v6pp_dst_addr); 12061 } 12062 12063 /* 12064 * Don't set the interface flags etc. now, will do it in 12065 * ip_ll_subnet_defaults. 12066 */ 12067 if (!initialize) 12068 goto out; 12069 12070 /* 12071 * NOTE: The IPMP meta-interface is special-cased because it starts 12072 * with no underlying interfaces (and thus an unknown broadcast 12073 * address length), but all interfaces that can be placed into an IPMP 12074 * group are required to be broadcast-capable. 12075 */ 12076 if (ill->ill_bcast_addr_length != 0 || IS_IPMP(ill)) { 12077 /* 12078 * Later detect lack of DLPI driver multicast capability by 12079 * catching DL_ENABMULTI_REQ errors in ip_rput_dlpi(). 12080 */ 12081 ill->ill_flags |= ILLF_MULTICAST; 12082 if (!ipif->ipif_isv6) 12083 ipif->ipif_flags |= IPIF_BROADCAST; 12084 } else { 12085 if (ill->ill_net_type != IRE_LOOPBACK) { 12086 if (ipif->ipif_isv6) 12087 /* 12088 * Note: xresolv interfaces will eventually need 12089 * NOARP set here as well, but that will require 12090 * those external resolvers to have some 12091 * knowledge of that flag and act appropriately. 12092 * Not to be changed at present. 12093 */ 12094 ill->ill_flags |= ILLF_NONUD; 12095 else 12096 ill->ill_flags |= ILLF_NOARP; 12097 } 12098 if (ill->ill_phys_addr_length == 0) { 12099 if (IS_VNI(ill)) { 12100 ipif->ipif_flags |= IPIF_NOXMIT; 12101 } else { 12102 /* pt-pt supports multicast. */ 12103 ill->ill_flags |= ILLF_MULTICAST; 12104 if (ill->ill_net_type != IRE_LOOPBACK) 12105 ipif->ipif_flags |= IPIF_POINTOPOINT; 12106 } 12107 } 12108 } 12109 out: 12110 mutex_exit(&ill->ill_lock); 12111 return (ipif); 12112 } 12113 12114 /* 12115 * Remove the neighbor cache entries associated with this logical 12116 * interface. 12117 */ 12118 int 12119 ipif_arp_down(ipif_t *ipif) 12120 { 12121 ill_t *ill = ipif->ipif_ill; 12122 int err = 0; 12123 12124 ip1dbg(("ipif_arp_down(%s:%u)\n", ill->ill_name, ipif->ipif_id)); 12125 ASSERT(IAM_WRITER_IPIF(ipif)); 12126 12127 DTRACE_PROBE3(ipif__downup, char *, "ipif_arp_down", 12128 ill_t *, ill, ipif_t *, ipif); 12129 ipif_nce_down(ipif); 12130 12131 /* 12132 * If this is the last ipif that is going down and there are no 12133 * duplicate addresses we may yet attempt to re-probe, then we need to 12134 * clean up ARP completely. 12135 */ 12136 if (ill->ill_ipif_up_count == 0 && ill->ill_ipif_dup_count == 0 && 12137 !ill->ill_logical_down && ill->ill_net_type == IRE_IF_RESOLVER) { 12138 /* 12139 * If this was the last ipif on an IPMP interface, purge any 12140 * static ARP entries associated with it. 12141 */ 12142 if (IS_IPMP(ill)) 12143 ipmp_illgrp_refresh_arpent(ill->ill_grp); 12144 12145 /* UNBIND, DETACH */ 12146 err = arp_ll_down(ill); 12147 } 12148 12149 return (err); 12150 } 12151 12152 /* 12153 * Get the resolver set up for a new IP address. (Always called as writer.) 12154 * Called both for IPv4 and IPv6 interfaces, though it only does some 12155 * basic DAD related initialization for IPv6. Honors ILLF_NOARP. 12156 * 12157 * The enumerated value res_act tunes the behavior: 12158 * * Res_act_initial: set up all the resolver structures for a new 12159 * IP address. 12160 * * Res_act_defend: tell ARP that it needs to send a single gratuitous 12161 * ARP message in defense of the address. 12162 * * Res_act_rebind: tell ARP to change the hardware address for an IP 12163 * address (and issue gratuitous ARPs). Used by ipmp_ill_bind_ipif(). 12164 * 12165 * Returns zero on success, or an errno upon failure. 12166 */ 12167 int 12168 ipif_resolver_up(ipif_t *ipif, enum ip_resolver_action res_act) 12169 { 12170 ill_t *ill = ipif->ipif_ill; 12171 int err; 12172 boolean_t was_dup; 12173 12174 ip1dbg(("ipif_resolver_up(%s:%u) flags 0x%x\n", 12175 ill->ill_name, ipif->ipif_id, (uint_t)ipif->ipif_flags)); 12176 ASSERT(IAM_WRITER_IPIF(ipif)); 12177 12178 was_dup = B_FALSE; 12179 if (res_act == Res_act_initial) { 12180 ipif->ipif_addr_ready = 0; 12181 /* 12182 * We're bringing an interface up here. There's no way that we 12183 * should need to shut down ARP now. 12184 */ 12185 mutex_enter(&ill->ill_lock); 12186 if (ipif->ipif_flags & IPIF_DUPLICATE) { 12187 ipif->ipif_flags &= ~IPIF_DUPLICATE; 12188 ill->ill_ipif_dup_count--; 12189 was_dup = B_TRUE; 12190 } 12191 mutex_exit(&ill->ill_lock); 12192 } 12193 if (ipif->ipif_recovery_id != 0) 12194 (void) untimeout(ipif->ipif_recovery_id); 12195 ipif->ipif_recovery_id = 0; 12196 if (ill->ill_net_type != IRE_IF_RESOLVER) { 12197 ipif->ipif_addr_ready = 1; 12198 return (0); 12199 } 12200 /* NDP will set the ipif_addr_ready flag when it's ready */ 12201 if (ill->ill_isv6) 12202 return (0); 12203 12204 err = ipif_arp_up(ipif, res_act, was_dup); 12205 return (err); 12206 } 12207 12208 /* 12209 * This routine restarts IPv4/IPv6 duplicate address detection (DAD) 12210 * when a link has just gone back up. 12211 */ 12212 static void 12213 ipif_nce_start_dad(ipif_t *ipif) 12214 { 12215 ncec_t *ncec; 12216 ill_t *ill = ipif->ipif_ill; 12217 boolean_t isv6 = ill->ill_isv6; 12218 12219 if (isv6) { 12220 ncec = ncec_lookup_illgrp_v6(ipif->ipif_ill, 12221 &ipif->ipif_v6lcl_addr); 12222 } else { 12223 ipaddr_t v4addr; 12224 12225 if (ill->ill_net_type != IRE_IF_RESOLVER || 12226 (ipif->ipif_flags & IPIF_UNNUMBERED) || 12227 ipif->ipif_lcl_addr == INADDR_ANY) { 12228 /* 12229 * If we can't contact ARP for some reason, 12230 * that's not really a problem. Just send 12231 * out the routing socket notification that 12232 * DAD completion would have done, and continue. 12233 */ 12234 ipif_mask_reply(ipif); 12235 ipif_up_notify(ipif); 12236 ipif->ipif_addr_ready = 1; 12237 return; 12238 } 12239 12240 IN6_V4MAPPED_TO_IPADDR(&ipif->ipif_v6lcl_addr, v4addr); 12241 ncec = ncec_lookup_illgrp_v4(ipif->ipif_ill, &v4addr); 12242 } 12243 12244 if (ncec == NULL) { 12245 ip1dbg(("couldn't find ncec for ipif %p leaving !ready\n", 12246 (void *)ipif)); 12247 return; 12248 } 12249 if (!nce_restart_dad(ncec)) { 12250 /* 12251 * If we can't restart DAD for some reason, that's not really a 12252 * problem. Just send out the routing socket notification that 12253 * DAD completion would have done, and continue. 12254 */ 12255 ipif_up_notify(ipif); 12256 ipif->ipif_addr_ready = 1; 12257 } 12258 ncec_refrele(ncec); 12259 } 12260 12261 /* 12262 * Restart duplicate address detection on all interfaces on the given ill. 12263 * 12264 * This is called when an interface transitions from down to up 12265 * (DL_NOTE_LINK_UP) or up to down (DL_NOTE_LINK_DOWN). 12266 * 12267 * Note that since the underlying physical link has transitioned, we must cause 12268 * at least one routing socket message to be sent here, either via DAD 12269 * completion or just by default on the first ipif. (If we don't do this, then 12270 * in.mpathd will see long delays when doing link-based failure recovery.) 12271 */ 12272 void 12273 ill_restart_dad(ill_t *ill, boolean_t went_up) 12274 { 12275 ipif_t *ipif; 12276 12277 if (ill == NULL) 12278 return; 12279 12280 /* 12281 * If layer two doesn't support duplicate address detection, then just 12282 * send the routing socket message now and be done with it. 12283 */ 12284 if (!ill->ill_isv6 && arp_no_defense) { 12285 ip_rts_ifmsg(ill->ill_ipif, RTSQ_DEFAULT); 12286 return; 12287 } 12288 12289 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 12290 if (went_up) { 12291 12292 if (ipif->ipif_flags & IPIF_UP) { 12293 ipif_nce_start_dad(ipif); 12294 } else if (ipif->ipif_flags & IPIF_DUPLICATE) { 12295 /* 12296 * kick off the bring-up process now. 12297 */ 12298 ipif_do_recovery(ipif); 12299 } else { 12300 /* 12301 * Unfortunately, the first ipif is "special" 12302 * and represents the underlying ill in the 12303 * routing socket messages. Thus, when this 12304 * one ipif is down, we must still notify so 12305 * that the user knows the IFF_RUNNING status 12306 * change. (If the first ipif is up, then 12307 * we'll handle eventual routing socket 12308 * notification via DAD completion.) 12309 */ 12310 if (ipif == ill->ill_ipif) { 12311 ip_rts_ifmsg(ill->ill_ipif, 12312 RTSQ_DEFAULT); 12313 } 12314 } 12315 } else { 12316 /* 12317 * After link down, we'll need to send a new routing 12318 * message when the link comes back, so clear 12319 * ipif_addr_ready. 12320 */ 12321 ipif->ipif_addr_ready = 0; 12322 } 12323 } 12324 12325 /* 12326 * If we've torn down links, then notify the user right away. 12327 */ 12328 if (!went_up) 12329 ip_rts_ifmsg(ill->ill_ipif, RTSQ_DEFAULT); 12330 } 12331 12332 static void 12333 ipsq_delete(ipsq_t *ipsq) 12334 { 12335 ipxop_t *ipx = ipsq->ipsq_xop; 12336 12337 ipsq->ipsq_ipst = NULL; 12338 ASSERT(ipsq->ipsq_phyint == NULL); 12339 ASSERT(ipsq->ipsq_xop != NULL); 12340 ASSERT(ipsq->ipsq_xopq_mphead == NULL && ipx->ipx_mphead == NULL); 12341 ASSERT(ipx->ipx_pending_mp == NULL); 12342 kmem_free(ipsq, sizeof (ipsq_t)); 12343 } 12344 12345 static int 12346 ill_up_ipifs_on_ill(ill_t *ill, queue_t *q, mblk_t *mp) 12347 { 12348 int err = 0; 12349 ipif_t *ipif; 12350 12351 if (ill == NULL) 12352 return (0); 12353 12354 ASSERT(IAM_WRITER_ILL(ill)); 12355 ill->ill_up_ipifs = B_TRUE; 12356 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 12357 if (ipif->ipif_was_up) { 12358 if (!(ipif->ipif_flags & IPIF_UP)) 12359 err = ipif_up(ipif, q, mp); 12360 ipif->ipif_was_up = B_FALSE; 12361 if (err != 0) { 12362 ASSERT(err == EINPROGRESS); 12363 return (err); 12364 } 12365 } 12366 } 12367 ill->ill_up_ipifs = B_FALSE; 12368 return (0); 12369 } 12370 12371 /* 12372 * This function is called to bring up all the ipifs that were up before 12373 * bringing the ill down via ill_down_ipifs(). 12374 */ 12375 int 12376 ill_up_ipifs(ill_t *ill, queue_t *q, mblk_t *mp) 12377 { 12378 int err; 12379 12380 ASSERT(IAM_WRITER_ILL(ill)); 12381 12382 if (ill->ill_replumbing) { 12383 ill->ill_replumbing = 0; 12384 /* 12385 * Send down REPLUMB_DONE notification followed by the 12386 * BIND_REQ on the arp stream. 12387 */ 12388 if (!ill->ill_isv6) 12389 arp_send_replumb_conf(ill); 12390 } 12391 err = ill_up_ipifs_on_ill(ill->ill_phyint->phyint_illv4, q, mp); 12392 if (err != 0) 12393 return (err); 12394 12395 return (ill_up_ipifs_on_ill(ill->ill_phyint->phyint_illv6, q, mp)); 12396 } 12397 12398 /* 12399 * Bring down any IPIF_UP ipifs on ill. If "logical" is B_TRUE, we bring 12400 * down the ipifs without sending DL_UNBIND_REQ to the driver. 12401 */ 12402 static void 12403 ill_down_ipifs(ill_t *ill, boolean_t logical) 12404 { 12405 ipif_t *ipif; 12406 12407 ASSERT(IAM_WRITER_ILL(ill)); 12408 12409 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 12410 /* 12411 * We go through the ipif_down logic even if the ipif 12412 * is already down, since routes can be added based 12413 * on down ipifs. Going through ipif_down once again 12414 * will delete any IREs created based on these routes. 12415 */ 12416 if (ipif->ipif_flags & IPIF_UP) 12417 ipif->ipif_was_up = B_TRUE; 12418 12419 if (logical) { 12420 (void) ipif_logical_down(ipif, NULL, NULL); 12421 ipif_non_duplicate(ipif); 12422 (void) ipif_down_tail(ipif); 12423 } else { 12424 (void) ipif_down(ipif, NULL, NULL); 12425 } 12426 } 12427 } 12428 12429 /* 12430 * Redo source address selection. This makes IXAF_VERIFY_SOURCE take 12431 * a look again at valid source addresses. 12432 * This should be called each time after the set of source addresses has been 12433 * changed. 12434 */ 12435 void 12436 ip_update_source_selection(ip_stack_t *ipst) 12437 { 12438 /* We skip past SRC_GENERATION_VERIFY */ 12439 if (atomic_add_32_nv(&ipst->ips_src_generation, 1) == 12440 SRC_GENERATION_VERIFY) 12441 atomic_add_32(&ipst->ips_src_generation, 1); 12442 } 12443 12444 /* 12445 * Finish the group join started in ip_sioctl_groupname(). 12446 */ 12447 /* ARGSUSED */ 12448 static void 12449 ip_join_illgrps(ipsq_t *ipsq, queue_t *q, mblk_t *mp, void *dummy) 12450 { 12451 ill_t *ill = q->q_ptr; 12452 phyint_t *phyi = ill->ill_phyint; 12453 ipmp_grp_t *grp = phyi->phyint_grp; 12454 ip_stack_t *ipst = ill->ill_ipst; 12455 12456 /* IS_UNDER_IPMP() won't work until ipmp_ill_join_illgrp() is called */ 12457 ASSERT(!IS_IPMP(ill) && grp != NULL); 12458 ASSERT(IAM_WRITER_IPSQ(ipsq)); 12459 12460 if (phyi->phyint_illv4 != NULL) { 12461 rw_enter(&ipst->ips_ipmp_lock, RW_WRITER); 12462 VERIFY(grp->gr_pendv4-- > 0); 12463 rw_exit(&ipst->ips_ipmp_lock); 12464 ipmp_ill_join_illgrp(phyi->phyint_illv4, grp->gr_v4); 12465 } 12466 if (phyi->phyint_illv6 != NULL) { 12467 rw_enter(&ipst->ips_ipmp_lock, RW_WRITER); 12468 VERIFY(grp->gr_pendv6-- > 0); 12469 rw_exit(&ipst->ips_ipmp_lock); 12470 ipmp_ill_join_illgrp(phyi->phyint_illv6, grp->gr_v6); 12471 } 12472 freemsg(mp); 12473 } 12474 12475 /* 12476 * Process an SIOCSLIFGROUPNAME request. 12477 */ 12478 /* ARGSUSED */ 12479 int 12480 ip_sioctl_groupname(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 12481 ip_ioctl_cmd_t *ipip, void *ifreq) 12482 { 12483 struct lifreq *lifr = ifreq; 12484 ill_t *ill = ipif->ipif_ill; 12485 ip_stack_t *ipst = ill->ill_ipst; 12486 phyint_t *phyi = ill->ill_phyint; 12487 ipmp_grp_t *grp = phyi->phyint_grp; 12488 mblk_t *ipsq_mp; 12489 int err = 0; 12490 12491 /* 12492 * Note that phyint_grp can only change here, where we're exclusive. 12493 */ 12494 ASSERT(IAM_WRITER_ILL(ill)); 12495 12496 if (ipif->ipif_id != 0 || ill->ill_usesrc_grp_next != NULL || 12497 (phyi->phyint_flags & PHYI_VIRTUAL)) 12498 return (EINVAL); 12499 12500 lifr->lifr_groupname[LIFGRNAMSIZ - 1] = '\0'; 12501 12502 rw_enter(&ipst->ips_ipmp_lock, RW_WRITER); 12503 12504 /* 12505 * If the name hasn't changed, there's nothing to do. 12506 */ 12507 if (grp != NULL && strcmp(grp->gr_name, lifr->lifr_groupname) == 0) 12508 goto unlock; 12509 12510 /* 12511 * Handle requests to rename an IPMP meta-interface. 12512 * 12513 * Note that creation of the IPMP meta-interface is handled in 12514 * userland through the standard plumbing sequence. As part of the 12515 * plumbing the IPMP meta-interface, its initial groupname is set to 12516 * the name of the interface (see ipif_set_values_tail()). 12517 */ 12518 if (IS_IPMP(ill)) { 12519 err = ipmp_grp_rename(grp, lifr->lifr_groupname); 12520 goto unlock; 12521 } 12522 12523 /* 12524 * Handle requests to add or remove an IP interface from a group. 12525 */ 12526 if (lifr->lifr_groupname[0] != '\0') { /* add */ 12527 /* 12528 * Moves are handled by first removing the interface from 12529 * its existing group, and then adding it to another group. 12530 * So, fail if it's already in a group. 12531 */ 12532 if (IS_UNDER_IPMP(ill)) { 12533 err = EALREADY; 12534 goto unlock; 12535 } 12536 12537 grp = ipmp_grp_lookup(lifr->lifr_groupname, ipst); 12538 if (grp == NULL) { 12539 err = ENOENT; 12540 goto unlock; 12541 } 12542 12543 /* 12544 * Check if the phyint and its ills are suitable for 12545 * inclusion into the group. 12546 */ 12547 if ((err = ipmp_grp_vet_phyint(grp, phyi)) != 0) 12548 goto unlock; 12549 12550 /* 12551 * Checks pass; join the group, and enqueue the remaining 12552 * illgrp joins for when we've become part of the group xop 12553 * and are exclusive across its IPSQs. Since qwriter_ip() 12554 * requires an mblk_t to scribble on, and since `mp' will be 12555 * freed as part of completing the ioctl, allocate another. 12556 */ 12557 if ((ipsq_mp = allocb(0, BPRI_MED)) == NULL) { 12558 err = ENOMEM; 12559 goto unlock; 12560 } 12561 12562 /* 12563 * Before we drop ipmp_lock, bump gr_pend* to ensure that the 12564 * IPMP meta-interface ills needed by `phyi' cannot go away 12565 * before ip_join_illgrps() is called back. See the comments 12566 * in ip_sioctl_plink_ipmp() for more. 12567 */ 12568 if (phyi->phyint_illv4 != NULL) 12569 grp->gr_pendv4++; 12570 if (phyi->phyint_illv6 != NULL) 12571 grp->gr_pendv6++; 12572 12573 rw_exit(&ipst->ips_ipmp_lock); 12574 12575 ipmp_phyint_join_grp(phyi, grp); 12576 ill_refhold(ill); 12577 qwriter_ip(ill, ill->ill_rq, ipsq_mp, ip_join_illgrps, 12578 SWITCH_OP, B_FALSE); 12579 return (0); 12580 } else { 12581 /* 12582 * Request to remove the interface from a group. If the 12583 * interface is not in a group, this trivially succeeds. 12584 */ 12585 rw_exit(&ipst->ips_ipmp_lock); 12586 if (IS_UNDER_IPMP(ill)) 12587 ipmp_phyint_leave_grp(phyi); 12588 return (0); 12589 } 12590 unlock: 12591 rw_exit(&ipst->ips_ipmp_lock); 12592 return (err); 12593 } 12594 12595 /* 12596 * Process an SIOCGLIFBINDING request. 12597 */ 12598 /* ARGSUSED */ 12599 int 12600 ip_sioctl_get_binding(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 12601 ip_ioctl_cmd_t *ipip, void *ifreq) 12602 { 12603 ill_t *ill; 12604 struct lifreq *lifr = ifreq; 12605 ip_stack_t *ipst = ipif->ipif_ill->ill_ipst; 12606 12607 if (!IS_IPMP(ipif->ipif_ill)) 12608 return (EINVAL); 12609 12610 rw_enter(&ipst->ips_ipmp_lock, RW_READER); 12611 if ((ill = ipif->ipif_bound_ill) == NULL) 12612 lifr->lifr_binding[0] = '\0'; 12613 else 12614 (void) strlcpy(lifr->lifr_binding, ill->ill_name, LIFNAMSIZ); 12615 rw_exit(&ipst->ips_ipmp_lock); 12616 return (0); 12617 } 12618 12619 /* 12620 * Process an SIOCGLIFGROUPNAME request. 12621 */ 12622 /* ARGSUSED */ 12623 int 12624 ip_sioctl_get_groupname(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 12625 ip_ioctl_cmd_t *ipip, void *ifreq) 12626 { 12627 ipmp_grp_t *grp; 12628 struct lifreq *lifr = ifreq; 12629 ip_stack_t *ipst = ipif->ipif_ill->ill_ipst; 12630 12631 rw_enter(&ipst->ips_ipmp_lock, RW_READER); 12632 if ((grp = ipif->ipif_ill->ill_phyint->phyint_grp) == NULL) 12633 lifr->lifr_groupname[0] = '\0'; 12634 else 12635 (void) strlcpy(lifr->lifr_groupname, grp->gr_name, LIFGRNAMSIZ); 12636 rw_exit(&ipst->ips_ipmp_lock); 12637 return (0); 12638 } 12639 12640 /* 12641 * Process an SIOCGLIFGROUPINFO request. 12642 */ 12643 /* ARGSUSED */ 12644 int 12645 ip_sioctl_groupinfo(ipif_t *dummy_ipif, sin_t *sin, queue_t *q, mblk_t *mp, 12646 ip_ioctl_cmd_t *ipip, void *dummy) 12647 { 12648 ipmp_grp_t *grp; 12649 lifgroupinfo_t *lifgr; 12650 ip_stack_t *ipst = CONNQ_TO_IPST(q); 12651 12652 /* ip_wput_nondata() verified mp->b_cont->b_cont */ 12653 lifgr = (lifgroupinfo_t *)mp->b_cont->b_cont->b_rptr; 12654 lifgr->gi_grname[LIFGRNAMSIZ - 1] = '\0'; 12655 12656 rw_enter(&ipst->ips_ipmp_lock, RW_READER); 12657 if ((grp = ipmp_grp_lookup(lifgr->gi_grname, ipst)) == NULL) { 12658 rw_exit(&ipst->ips_ipmp_lock); 12659 return (ENOENT); 12660 } 12661 ipmp_grp_info(grp, lifgr); 12662 rw_exit(&ipst->ips_ipmp_lock); 12663 return (0); 12664 } 12665 12666 static void 12667 ill_dl_down(ill_t *ill) 12668 { 12669 DTRACE_PROBE2(ill__downup, char *, "ill_dl_down", ill_t *, ill); 12670 12671 /* 12672 * The ill is down; unbind but stay attached since we're still 12673 * associated with a PPA. If we have negotiated DLPI capabilites 12674 * with the data link service provider (IDS_OK) then reset them. 12675 * The interval between unbinding and rebinding is potentially 12676 * unbounded hence we cannot assume things will be the same. 12677 * The DLPI capabilities will be probed again when the data link 12678 * is brought up. 12679 */ 12680 mblk_t *mp = ill->ill_unbind_mp; 12681 12682 ip1dbg(("ill_dl_down(%s)\n", ill->ill_name)); 12683 12684 if (!ill->ill_replumbing) { 12685 /* Free all ilms for this ill */ 12686 update_conn_ill(ill, ill->ill_ipst); 12687 } else { 12688 ill_leave_multicast(ill); 12689 } 12690 12691 ill->ill_unbind_mp = NULL; 12692 if (mp != NULL) { 12693 ip1dbg(("ill_dl_down: %s (%u) for %s\n", 12694 dl_primstr(*(int *)mp->b_rptr), *(int *)mp->b_rptr, 12695 ill->ill_name)); 12696 mutex_enter(&ill->ill_lock); 12697 ill->ill_state_flags |= ILL_DL_UNBIND_IN_PROGRESS; 12698 mutex_exit(&ill->ill_lock); 12699 /* 12700 * ip_rput does not pass up normal (M_PROTO) DLPI messages 12701 * after ILL_CONDEMNED is set. So in the unplumb case, we call 12702 * ill_capability_dld_disable disable rightaway. If this is not 12703 * an unplumb operation then the disable happens on receipt of 12704 * the capab ack via ip_rput_dlpi_writer -> 12705 * ill_capability_ack_thr. In both cases the order of 12706 * the operations seen by DLD is capability disable followed 12707 * by DL_UNBIND. Also the DLD capability disable needs a 12708 * cv_wait'able context. 12709 */ 12710 if (ill->ill_state_flags & ILL_CONDEMNED) 12711 ill_capability_dld_disable(ill); 12712 ill_capability_reset(ill, B_FALSE); 12713 ill_dlpi_send(ill, mp); 12714 } 12715 mutex_enter(&ill->ill_lock); 12716 ill->ill_dl_up = 0; 12717 ill_nic_event_dispatch(ill, 0, NE_DOWN, NULL, 0); 12718 mutex_exit(&ill->ill_lock); 12719 } 12720 12721 void 12722 ill_dlpi_dispatch(ill_t *ill, mblk_t *mp) 12723 { 12724 union DL_primitives *dlp; 12725 t_uscalar_t prim; 12726 boolean_t waitack = B_FALSE; 12727 12728 ASSERT(DB_TYPE(mp) == M_PROTO || DB_TYPE(mp) == M_PCPROTO); 12729 12730 dlp = (union DL_primitives *)mp->b_rptr; 12731 prim = dlp->dl_primitive; 12732 12733 ip1dbg(("ill_dlpi_dispatch: sending %s (%u) to %s\n", 12734 dl_primstr(prim), prim, ill->ill_name)); 12735 12736 switch (prim) { 12737 case DL_PHYS_ADDR_REQ: 12738 { 12739 dl_phys_addr_req_t *dlpap = (dl_phys_addr_req_t *)mp->b_rptr; 12740 ill->ill_phys_addr_pend = dlpap->dl_addr_type; 12741 break; 12742 } 12743 case DL_BIND_REQ: 12744 mutex_enter(&ill->ill_lock); 12745 ill->ill_state_flags &= ~ILL_DL_UNBIND_IN_PROGRESS; 12746 mutex_exit(&ill->ill_lock); 12747 break; 12748 } 12749 12750 /* 12751 * Except for the ACKs for the M_PCPROTO messages, all other ACKs 12752 * are dropped by ip_rput() if ILL_CONDEMNED is set. Therefore 12753 * we only wait for the ACK of the DL_UNBIND_REQ. 12754 */ 12755 mutex_enter(&ill->ill_lock); 12756 if (!(ill->ill_state_flags & ILL_CONDEMNED) || 12757 (prim == DL_UNBIND_REQ)) { 12758 ill->ill_dlpi_pending = prim; 12759 waitack = B_TRUE; 12760 } 12761 12762 mutex_exit(&ill->ill_lock); 12763 DTRACE_PROBE3(ill__dlpi, char *, "ill_dlpi_dispatch", 12764 char *, dl_primstr(prim), ill_t *, ill); 12765 putnext(ill->ill_wq, mp); 12766 12767 /* 12768 * There is no ack for DL_NOTIFY_CONF messages 12769 */ 12770 if (waitack && prim == DL_NOTIFY_CONF) 12771 ill_dlpi_done(ill, prim); 12772 } 12773 12774 /* 12775 * Helper function for ill_dlpi_send(). 12776 */ 12777 /* ARGSUSED */ 12778 static void 12779 ill_dlpi_send_writer(ipsq_t *ipsq, queue_t *q, mblk_t *mp, void *arg) 12780 { 12781 ill_dlpi_send(q->q_ptr, mp); 12782 } 12783 12784 /* 12785 * Send a DLPI control message to the driver but make sure there 12786 * is only one outstanding message. Uses ill_dlpi_pending to tell 12787 * when it must queue. ip_rput_dlpi_writer calls ill_dlpi_done() 12788 * when an ACK or a NAK is received to process the next queued message. 12789 */ 12790 void 12791 ill_dlpi_send(ill_t *ill, mblk_t *mp) 12792 { 12793 mblk_t **mpp; 12794 12795 ASSERT(DB_TYPE(mp) == M_PROTO || DB_TYPE(mp) == M_PCPROTO); 12796 12797 /* 12798 * To ensure that any DLPI requests for current exclusive operation 12799 * are always completely sent before any DLPI messages for other 12800 * operations, require writer access before enqueuing. 12801 */ 12802 if (!IAM_WRITER_ILL(ill)) { 12803 ill_refhold(ill); 12804 /* qwriter_ip() does the ill_refrele() */ 12805 qwriter_ip(ill, ill->ill_wq, mp, ill_dlpi_send_writer, 12806 NEW_OP, B_TRUE); 12807 return; 12808 } 12809 12810 mutex_enter(&ill->ill_lock); 12811 if (ill->ill_dlpi_pending != DL_PRIM_INVAL) { 12812 /* Must queue message. Tail insertion */ 12813 mpp = &ill->ill_dlpi_deferred; 12814 while (*mpp != NULL) 12815 mpp = &((*mpp)->b_next); 12816 12817 ip1dbg(("ill_dlpi_send: deferring request for %s " 12818 "while %s pending\n", ill->ill_name, 12819 dl_primstr(ill->ill_dlpi_pending))); 12820 12821 *mpp = mp; 12822 mutex_exit(&ill->ill_lock); 12823 return; 12824 } 12825 mutex_exit(&ill->ill_lock); 12826 ill_dlpi_dispatch(ill, mp); 12827 } 12828 12829 void 12830 ill_capability_send(ill_t *ill, mblk_t *mp) 12831 { 12832 ill->ill_capab_pending_cnt++; 12833 ill_dlpi_send(ill, mp); 12834 } 12835 12836 void 12837 ill_capability_done(ill_t *ill) 12838 { 12839 ASSERT(ill->ill_capab_pending_cnt != 0); 12840 12841 ill_dlpi_done(ill, DL_CAPABILITY_REQ); 12842 12843 ill->ill_capab_pending_cnt--; 12844 if (ill->ill_capab_pending_cnt == 0 && 12845 ill->ill_dlpi_capab_state == IDCS_OK) 12846 ill_capability_reset_alloc(ill); 12847 } 12848 12849 /* 12850 * Send all deferred DLPI messages without waiting for their ACKs. 12851 */ 12852 void 12853 ill_dlpi_send_deferred(ill_t *ill) 12854 { 12855 mblk_t *mp, *nextmp; 12856 12857 /* 12858 * Clear ill_dlpi_pending so that the message is not queued in 12859 * ill_dlpi_send(). 12860 */ 12861 mutex_enter(&ill->ill_lock); 12862 ill->ill_dlpi_pending = DL_PRIM_INVAL; 12863 mp = ill->ill_dlpi_deferred; 12864 ill->ill_dlpi_deferred = NULL; 12865 mutex_exit(&ill->ill_lock); 12866 12867 for (; mp != NULL; mp = nextmp) { 12868 nextmp = mp->b_next; 12869 mp->b_next = NULL; 12870 ill_dlpi_send(ill, mp); 12871 } 12872 } 12873 12874 /* 12875 * Clear all the deferred DLPI messages. Called on receiving an M_ERROR 12876 * or M_HANGUP 12877 */ 12878 static void 12879 ill_dlpi_clear_deferred(ill_t *ill) 12880 { 12881 mblk_t *mp, *nextmp; 12882 12883 mutex_enter(&ill->ill_lock); 12884 ill->ill_dlpi_pending = DL_PRIM_INVAL; 12885 mp = ill->ill_dlpi_deferred; 12886 ill->ill_dlpi_deferred = NULL; 12887 mutex_exit(&ill->ill_lock); 12888 12889 for (; mp != NULL; mp = nextmp) { 12890 nextmp = mp->b_next; 12891 inet_freemsg(mp); 12892 } 12893 } 12894 12895 /* 12896 * Check if the DLPI primitive `prim' is pending; print a warning if not. 12897 */ 12898 boolean_t 12899 ill_dlpi_pending(ill_t *ill, t_uscalar_t prim) 12900 { 12901 t_uscalar_t pending; 12902 12903 mutex_enter(&ill->ill_lock); 12904 if (ill->ill_dlpi_pending == prim) { 12905 mutex_exit(&ill->ill_lock); 12906 return (B_TRUE); 12907 } 12908 12909 /* 12910 * During teardown, ill_dlpi_dispatch() will send DLPI requests 12911 * without waiting, so don't print any warnings in that case. 12912 */ 12913 if (ill->ill_state_flags & ILL_CONDEMNED) { 12914 mutex_exit(&ill->ill_lock); 12915 return (B_FALSE); 12916 } 12917 pending = ill->ill_dlpi_pending; 12918 mutex_exit(&ill->ill_lock); 12919 12920 if (pending == DL_PRIM_INVAL) { 12921 (void) mi_strlog(ill->ill_rq, 1, SL_CONSOLE|SL_ERROR|SL_TRACE, 12922 "received unsolicited ack for %s on %s\n", 12923 dl_primstr(prim), ill->ill_name); 12924 } else { 12925 (void) mi_strlog(ill->ill_rq, 1, SL_CONSOLE|SL_ERROR|SL_TRACE, 12926 "received unexpected ack for %s on %s (expecting %s)\n", 12927 dl_primstr(prim), ill->ill_name, dl_primstr(pending)); 12928 } 12929 return (B_FALSE); 12930 } 12931 12932 /* 12933 * Complete the current DLPI operation associated with `prim' on `ill' and 12934 * start the next queued DLPI operation (if any). If there are no queued DLPI 12935 * operations and the ill's current exclusive IPSQ operation has finished 12936 * (i.e., ipsq_current_finish() was called), then clear ipsq_current_ipif to 12937 * allow the next exclusive IPSQ operation to begin upon ipsq_exit(). See 12938 * the comments above ipsq_current_finish() for details. 12939 */ 12940 void 12941 ill_dlpi_done(ill_t *ill, t_uscalar_t prim) 12942 { 12943 mblk_t *mp; 12944 ipsq_t *ipsq = ill->ill_phyint->phyint_ipsq; 12945 ipxop_t *ipx = ipsq->ipsq_xop; 12946 12947 ASSERT(IAM_WRITER_IPSQ(ipsq)); 12948 mutex_enter(&ill->ill_lock); 12949 12950 ASSERT(prim != DL_PRIM_INVAL); 12951 ASSERT(ill->ill_dlpi_pending == prim); 12952 12953 ip1dbg(("ill_dlpi_done: %s has completed %s (%u)\n", ill->ill_name, 12954 dl_primstr(ill->ill_dlpi_pending), ill->ill_dlpi_pending)); 12955 12956 if ((mp = ill->ill_dlpi_deferred) == NULL) { 12957 ill->ill_dlpi_pending = DL_PRIM_INVAL; 12958 if (ipx->ipx_current_done) { 12959 mutex_enter(&ipx->ipx_lock); 12960 ipx->ipx_current_ipif = NULL; 12961 mutex_exit(&ipx->ipx_lock); 12962 } 12963 cv_signal(&ill->ill_cv); 12964 mutex_exit(&ill->ill_lock); 12965 return; 12966 } 12967 12968 ill->ill_dlpi_deferred = mp->b_next; 12969 mp->b_next = NULL; 12970 mutex_exit(&ill->ill_lock); 12971 12972 ill_dlpi_dispatch(ill, mp); 12973 } 12974 12975 /* 12976 * Queue a (multicast) DLPI control message to be sent to the driver by 12977 * later calling ill_dlpi_send_queued. 12978 * We queue them while holding a lock (ill_mcast_lock) to ensure that they 12979 * are sent in order i.e., prevent a DL_DISABMULTI_REQ and DL_ENABMULTI_REQ 12980 * for the same group to race. 12981 * We send DLPI control messages in order using ill_lock. 12982 * For IPMP we should be called on the cast_ill. 12983 */ 12984 void 12985 ill_dlpi_queue(ill_t *ill, mblk_t *mp) 12986 { 12987 mblk_t **mpp; 12988 12989 ASSERT(DB_TYPE(mp) == M_PROTO || DB_TYPE(mp) == M_PCPROTO); 12990 12991 mutex_enter(&ill->ill_lock); 12992 /* Must queue message. Tail insertion */ 12993 mpp = &ill->ill_dlpi_deferred; 12994 while (*mpp != NULL) 12995 mpp = &((*mpp)->b_next); 12996 12997 *mpp = mp; 12998 mutex_exit(&ill->ill_lock); 12999 } 13000 13001 /* 13002 * Send the messages that were queued. Make sure there is only 13003 * one outstanding message. ip_rput_dlpi_writer calls ill_dlpi_done() 13004 * when an ACK or a NAK is received to process the next queued message. 13005 * For IPMP we are called on the upper ill, but when send what is queued 13006 * on the cast_ill. 13007 */ 13008 void 13009 ill_dlpi_send_queued(ill_t *ill) 13010 { 13011 mblk_t *mp; 13012 union DL_primitives *dlp; 13013 t_uscalar_t prim; 13014 ill_t *release_ill = NULL; 13015 13016 if (IS_IPMP(ill)) { 13017 /* On the upper IPMP ill. */ 13018 release_ill = ipmp_illgrp_hold_cast_ill(ill->ill_grp); 13019 if (release_ill == NULL) { 13020 /* Avoid ever sending anything down to the ipmpstub */ 13021 return; 13022 } 13023 ill = release_ill; 13024 } 13025 mutex_enter(&ill->ill_lock); 13026 while ((mp = ill->ill_dlpi_deferred) != NULL) { 13027 if (ill->ill_dlpi_pending != DL_PRIM_INVAL) { 13028 /* Can't send. Somebody else will send it */ 13029 mutex_exit(&ill->ill_lock); 13030 goto done; 13031 } 13032 ill->ill_dlpi_deferred = mp->b_next; 13033 mp->b_next = NULL; 13034 if (!ill->ill_dl_up) { 13035 /* 13036 * Nobody there. All multicast addresses will be 13037 * re-joined when we get the DL_BIND_ACK bringing the 13038 * interface up. 13039 */ 13040 freemsg(mp); 13041 continue; 13042 } 13043 dlp = (union DL_primitives *)mp->b_rptr; 13044 prim = dlp->dl_primitive; 13045 13046 if (!(ill->ill_state_flags & ILL_CONDEMNED) || 13047 (prim == DL_UNBIND_REQ)) { 13048 ill->ill_dlpi_pending = prim; 13049 } 13050 mutex_exit(&ill->ill_lock); 13051 13052 DTRACE_PROBE3(ill__dlpi, char *, "ill_dlpi_send_queued", 13053 char *, dl_primstr(prim), ill_t *, ill); 13054 putnext(ill->ill_wq, mp); 13055 mutex_enter(&ill->ill_lock); 13056 } 13057 mutex_exit(&ill->ill_lock); 13058 done: 13059 if (release_ill != NULL) 13060 ill_refrele(release_ill); 13061 } 13062 13063 /* 13064 * Queue an IP (IGMP/MLD) message to be sent by IP from 13065 * ill_mcast_send_queued 13066 * We queue them while holding a lock (ill_mcast_lock) to ensure that they 13067 * are sent in order i.e., prevent a IGMP leave and IGMP join for the same 13068 * group to race. 13069 * We send them in order using ill_lock. 13070 * For IPMP we are called on the upper ill, but we queue on the cast_ill. 13071 */ 13072 void 13073 ill_mcast_queue(ill_t *ill, mblk_t *mp) 13074 { 13075 mblk_t **mpp; 13076 ill_t *release_ill = NULL; 13077 13078 ASSERT(RW_LOCK_HELD(&ill->ill_mcast_lock)); 13079 13080 if (IS_IPMP(ill)) { 13081 /* On the upper IPMP ill. */ 13082 release_ill = ipmp_illgrp_hold_cast_ill(ill->ill_grp); 13083 if (release_ill == NULL) { 13084 /* Discard instead of queuing for the ipmp interface */ 13085 BUMP_MIB(ill->ill_ip_mib, ipIfStatsOutDiscards); 13086 ip_drop_output("ipIfStatsOutDiscards - no cast_ill", 13087 mp, ill); 13088 freemsg(mp); 13089 return; 13090 } 13091 ill = release_ill; 13092 } 13093 13094 mutex_enter(&ill->ill_lock); 13095 /* Must queue message. Tail insertion */ 13096 mpp = &ill->ill_mcast_deferred; 13097 while (*mpp != NULL) 13098 mpp = &((*mpp)->b_next); 13099 13100 *mpp = mp; 13101 mutex_exit(&ill->ill_lock); 13102 if (release_ill != NULL) 13103 ill_refrele(release_ill); 13104 } 13105 13106 /* 13107 * Send the IP packets that were queued by ill_mcast_queue. 13108 * These are IGMP/MLD packets. 13109 * 13110 * For IPMP we are called on the upper ill, but when send what is queued 13111 * on the cast_ill. 13112 * 13113 * Request loopback of the report if we are acting as a multicast 13114 * router, so that the process-level routing demon can hear it. 13115 * This will run multiple times for the same group if there are members 13116 * on the same group for multiple ipif's on the same ill. The 13117 * igmp_input/mld_input code will suppress this due to the loopback thus we 13118 * always loopback membership report. 13119 * 13120 * We also need to make sure that this does not get load balanced 13121 * by IPMP. We do this by passing an ill to ip_output_simple. 13122 */ 13123 void 13124 ill_mcast_send_queued(ill_t *ill) 13125 { 13126 mblk_t *mp; 13127 ip_xmit_attr_t ixas; 13128 ill_t *release_ill = NULL; 13129 13130 if (IS_IPMP(ill)) { 13131 /* On the upper IPMP ill. */ 13132 release_ill = ipmp_illgrp_hold_cast_ill(ill->ill_grp); 13133 if (release_ill == NULL) { 13134 /* 13135 * We should have no messages on the ipmp interface 13136 * but no point in trying to send them. 13137 */ 13138 return; 13139 } 13140 ill = release_ill; 13141 } 13142 bzero(&ixas, sizeof (ixas)); 13143 ixas.ixa_zoneid = ALL_ZONES; 13144 ixas.ixa_cred = kcred; 13145 ixas.ixa_cpid = NOPID; 13146 ixas.ixa_tsl = NULL; 13147 /* 13148 * Here we set ixa_ifindex. If IPMP it will be the lower ill which 13149 * makes ip_select_route pick the IRE_MULTICAST for the cast_ill. 13150 * That is necessary to handle IGMP/MLD snooping switches. 13151 */ 13152 ixas.ixa_ifindex = ill->ill_phyint->phyint_ifindex; 13153 ixas.ixa_ipst = ill->ill_ipst; 13154 13155 mutex_enter(&ill->ill_lock); 13156 while ((mp = ill->ill_mcast_deferred) != NULL) { 13157 ill->ill_mcast_deferred = mp->b_next; 13158 mp->b_next = NULL; 13159 if (!ill->ill_dl_up) { 13160 /* 13161 * Nobody there. Just drop the ip packets. 13162 * IGMP/MLD will resend later, if this is a replumb. 13163 */ 13164 freemsg(mp); 13165 continue; 13166 } 13167 mutex_enter(&ill->ill_phyint->phyint_lock); 13168 if (IS_UNDER_IPMP(ill) && !ipmp_ill_is_active(ill)) { 13169 /* 13170 * When the ill is getting deactivated, we only want to 13171 * send the DLPI messages, so drop IGMP/MLD packets. 13172 * DLPI messages are handled by ill_dlpi_send_queued() 13173 */ 13174 mutex_exit(&ill->ill_phyint->phyint_lock); 13175 freemsg(mp); 13176 continue; 13177 } 13178 mutex_exit(&ill->ill_phyint->phyint_lock); 13179 mutex_exit(&ill->ill_lock); 13180 13181 /* Check whether we are sending IPv4 or IPv6. */ 13182 if (ill->ill_isv6) { 13183 ip6_t *ip6h = (ip6_t *)mp->b_rptr; 13184 13185 ixas.ixa_multicast_ttl = ip6h->ip6_hops; 13186 ixas.ixa_flags = IXAF_BASIC_SIMPLE_V6; 13187 } else { 13188 ipha_t *ipha = (ipha_t *)mp->b_rptr; 13189 13190 ixas.ixa_multicast_ttl = ipha->ipha_ttl; 13191 ixas.ixa_flags = IXAF_BASIC_SIMPLE_V4; 13192 ixas.ixa_flags &= ~IXAF_SET_ULP_CKSUM; 13193 } 13194 ixas.ixa_flags &= ~IXAF_VERIFY_SOURCE; 13195 ixas.ixa_flags |= IXAF_MULTICAST_LOOP | IXAF_SET_SOURCE; 13196 (void) ip_output_simple(mp, &ixas); 13197 ixa_cleanup(&ixas); 13198 13199 mutex_enter(&ill->ill_lock); 13200 } 13201 mutex_exit(&ill->ill_lock); 13202 13203 done: 13204 if (release_ill != NULL) 13205 ill_refrele(release_ill); 13206 } 13207 13208 /* 13209 * Take down a specific interface, but don't lose any information about it. 13210 * (Always called as writer.) 13211 * This function goes through the down sequence even if the interface is 13212 * already down. There are 2 reasons. 13213 * a. Currently we permit interface routes that depend on down interfaces 13214 * to be added. This behaviour itself is questionable. However it appears 13215 * that both Solaris and 4.3 BSD have exhibited this behaviour for a long 13216 * time. We go thru the cleanup in order to remove these routes. 13217 * b. The bringup of the interface could fail in ill_dl_up i.e. we get 13218 * DL_ERROR_ACK in response to the DL_BIND request. The interface is 13219 * down, but we need to cleanup i.e. do ill_dl_down and 13220 * ip_rput_dlpi_writer (DL_ERROR_ACK) -> ipif_down. 13221 * 13222 * IP-MT notes: 13223 * 13224 * Model of reference to interfaces. 13225 * 13226 * The following members in ipif_t track references to the ipif. 13227 * int ipif_refcnt; Active reference count 13228 * 13229 * The following members in ill_t track references to the ill. 13230 * int ill_refcnt; active refcnt 13231 * uint_t ill_ire_cnt; Number of ires referencing ill 13232 * uint_t ill_ncec_cnt; Number of ncecs referencing ill 13233 * uint_t ill_nce_cnt; Number of nces referencing ill 13234 * uint_t ill_ilm_cnt; Number of ilms referencing ill 13235 * 13236 * Reference to an ipif or ill can be obtained in any of the following ways. 13237 * 13238 * Through the lookup functions ipif_lookup_* / ill_lookup_* functions 13239 * Pointers to ipif / ill from other data structures viz ire and conn. 13240 * Implicit reference to the ipif / ill by holding a reference to the ire. 13241 * 13242 * The ipif/ill lookup functions return a reference held ipif / ill. 13243 * ipif_refcnt and ill_refcnt track the reference counts respectively. 13244 * This is a purely dynamic reference count associated with threads holding 13245 * references to the ipif / ill. Pointers from other structures do not 13246 * count towards this reference count. 13247 * 13248 * ill_ire_cnt is the number of ire's associated with the 13249 * ill. This is incremented whenever a new ire is created referencing the 13250 * ill. This is done atomically inside ire_add_v[46] where the ire is 13251 * actually added to the ire hash table. The count is decremented in 13252 * ire_inactive where the ire is destroyed. 13253 * 13254 * ill_ncec_cnt is the number of ncec's referencing the ill thru ncec_ill. 13255 * This is incremented atomically in 13256 * ndp_add_v4()/ndp_add_v6() where the nce is actually added to the 13257 * table. Similarly it is decremented in ncec_inactive() where the ncec 13258 * is destroyed. 13259 * 13260 * ill_nce_cnt is the number of nce's referencing the ill thru nce_ill. This is 13261 * incremented atomically in nce_add() where the nce is actually added to the 13262 * ill_nce. Similarly it is decremented in nce_inactive() where the nce 13263 * is destroyed. 13264 * 13265 * ill_ilm_cnt is the ilm's reference to the ill. It is incremented in 13266 * ilm_add() and decremented before the ilm is freed in ilm_delete(). 13267 * 13268 * Flow of ioctls involving interface down/up 13269 * 13270 * The following is the sequence of an attempt to set some critical flags on an 13271 * up interface. 13272 * ip_sioctl_flags 13273 * ipif_down 13274 * wait for ipif to be quiescent 13275 * ipif_down_tail 13276 * ip_sioctl_flags_tail 13277 * 13278 * All set ioctls that involve down/up sequence would have a skeleton similar 13279 * to the above. All the *tail functions are called after the refcounts have 13280 * dropped to the appropriate values. 13281 * 13282 * SIOC ioctls during the IPIF_CHANGING interval. 13283 * 13284 * Threads handling SIOC set ioctls serialize on the squeue, but this 13285 * is not done for SIOC get ioctls. Since a set ioctl can cause several 13286 * steps of internal changes to the state, some of which are visible in 13287 * ipif_flags (such as IFF_UP being cleared and later set), and we want 13288 * the set ioctl to be atomic related to the get ioctls, the SIOC get code 13289 * will wait and restart ioctls if IPIF_CHANGING is set. The mblk is then 13290 * enqueued in the ipsq and the operation is restarted by ipsq_exit() when 13291 * the current exclusive operation completes. The IPIF_CHANGING check 13292 * and enqueue is atomic using the ill_lock and ipsq_lock. The 13293 * lookup is done holding the ill_lock. Hence the ill/ipif state flags can't 13294 * change while the ill_lock is held. Before dropping the ill_lock we acquire 13295 * the ipsq_lock and call ipsq_enq. This ensures that ipsq_exit can't finish 13296 * until we release the ipsq_lock, even though the ill/ipif state flags 13297 * can change after we drop the ill_lock. 13298 */ 13299 int 13300 ipif_down(ipif_t *ipif, queue_t *q, mblk_t *mp) 13301 { 13302 ill_t *ill = ipif->ipif_ill; 13303 conn_t *connp; 13304 boolean_t success; 13305 boolean_t ipif_was_up = B_FALSE; 13306 ip_stack_t *ipst = ill->ill_ipst; 13307 13308 ASSERT(IAM_WRITER_IPIF(ipif)); 13309 13310 ip1dbg(("ipif_down(%s:%u)\n", ill->ill_name, ipif->ipif_id)); 13311 13312 DTRACE_PROBE3(ipif__downup, char *, "ipif_down", 13313 ill_t *, ill, ipif_t *, ipif); 13314 13315 if (ipif->ipif_flags & IPIF_UP) { 13316 mutex_enter(&ill->ill_lock); 13317 ipif->ipif_flags &= ~IPIF_UP; 13318 ASSERT(ill->ill_ipif_up_count > 0); 13319 --ill->ill_ipif_up_count; 13320 mutex_exit(&ill->ill_lock); 13321 ipif_was_up = B_TRUE; 13322 /* Update status in SCTP's list */ 13323 sctp_update_ipif(ipif, SCTP_IPIF_DOWN); 13324 ill_nic_event_dispatch(ipif->ipif_ill, 13325 MAP_IPIF_ID(ipif->ipif_id), NE_LIF_DOWN, NULL, 0); 13326 } 13327 13328 /* 13329 * Removal of the last ipif from an ill may result in a DL_UNBIND 13330 * being sent to the driver, and we must not send any data packets to 13331 * the driver after the DL_UNBIND_REQ. To ensure this, all the 13332 * ire and nce entries used in the data path will be cleaned 13333 * up, and we also set the ILL_DOWN_IN_PROGRESS bit to make 13334 * sure on new entries will be added until the ill is bound 13335 * again. The ILL_DOWN_IN_PROGRESS bit is turned off upon 13336 * receipt of a DL_BIND_ACK. 13337 */ 13338 if (ill->ill_wq != NULL && !ill->ill_logical_down && 13339 ill->ill_ipif_up_count == 0 && ill->ill_ipif_dup_count == 0 && 13340 ill->ill_dl_up) { 13341 ill->ill_state_flags |= ILL_DOWN_IN_PROGRESS; 13342 } 13343 13344 /* 13345 * Blow away memberships we established in ipif_multicast_up(). 13346 */ 13347 ipif_multicast_down(ipif); 13348 13349 /* 13350 * Remove from the mapping for __sin6_src_id. We insert only 13351 * when the address is not INADDR_ANY. As IPv4 addresses are 13352 * stored as mapped addresses, we need to check for mapped 13353 * INADDR_ANY also. 13354 */ 13355 if (ipif_was_up && !IN6_IS_ADDR_UNSPECIFIED(&ipif->ipif_v6lcl_addr) && 13356 !IN6_IS_ADDR_V4MAPPED_ANY(&ipif->ipif_v6lcl_addr) && 13357 !(ipif->ipif_flags & IPIF_NOLOCAL)) { 13358 int err; 13359 13360 err = ip_srcid_remove(&ipif->ipif_v6lcl_addr, 13361 ipif->ipif_zoneid, ipst); 13362 if (err != 0) { 13363 ip0dbg(("ipif_down: srcid_remove %d\n", err)); 13364 } 13365 } 13366 13367 if (ipif_was_up) { 13368 /* only delete if we'd added ire's before */ 13369 if (ipif->ipif_isv6) 13370 ipif_delete_ires_v6(ipif); 13371 else 13372 ipif_delete_ires_v4(ipif); 13373 } 13374 13375 if (ipif_was_up && ill->ill_ipif_up_count == 0) { 13376 /* 13377 * Since the interface is now down, it may have just become 13378 * inactive. Note that this needs to be done even for a 13379 * lll_logical_down(), or ARP entries will not get correctly 13380 * restored when the interface comes back up. 13381 */ 13382 if (IS_UNDER_IPMP(ill)) 13383 ipmp_ill_refresh_active(ill); 13384 } 13385 13386 /* 13387 * neighbor-discovery or arp entries for this interface. The ipif 13388 * has to be quiesced, so we walk all the nce's and delete those 13389 * that point at the ipif->ipif_ill. At the same time, we also 13390 * update IPMP so that ipifs for data addresses are unbound. We dont 13391 * call ipif_arp_down to DL_UNBIND the arp stream itself here, but defer 13392 * that for ipif_down_tail() 13393 */ 13394 ipif_nce_down(ipif); 13395 13396 /* 13397 * If this is the last ipif on the ill, we also need to remove 13398 * any IREs with ire_ill set. Otherwise ipif_is_quiescent() will 13399 * never succeed. 13400 */ 13401 if (ill->ill_ipif_up_count == 0 && ill->ill_ipif_dup_count == 0) 13402 ire_walk_ill(0, 0, ill_downi, ill, ill); 13403 13404 /* 13405 * Walk all CONNs that can have a reference on an ire for this 13406 * ipif (we actually walk all that now have stale references). 13407 */ 13408 ipcl_walk(conn_ixa_cleanup, (void *)B_TRUE, ipst); 13409 13410 /* 13411 * If mp is NULL the caller will wait for the appropriate refcnt. 13412 * Eg. ip_sioctl_removeif -> ipif_free -> ipif_down 13413 * and ill_delete -> ipif_free -> ipif_down 13414 */ 13415 if (mp == NULL) { 13416 ASSERT(q == NULL); 13417 return (0); 13418 } 13419 13420 if (CONN_Q(q)) { 13421 connp = Q_TO_CONN(q); 13422 mutex_enter(&connp->conn_lock); 13423 } else { 13424 connp = NULL; 13425 } 13426 mutex_enter(&ill->ill_lock); 13427 /* 13428 * Are there any ire's pointing to this ipif that are still active ? 13429 * If this is the last ipif going down, are there any ire's pointing 13430 * to this ill that are still active ? 13431 */ 13432 if (ipif_is_quiescent(ipif)) { 13433 mutex_exit(&ill->ill_lock); 13434 if (connp != NULL) 13435 mutex_exit(&connp->conn_lock); 13436 return (0); 13437 } 13438 13439 ip1dbg(("ipif_down: need to wait, adding pending mp %s ill %p", 13440 ill->ill_name, (void *)ill)); 13441 /* 13442 * Enqueue the mp atomically in ipsq_pending_mp. When the refcount 13443 * drops down, the operation will be restarted by ipif_ill_refrele_tail 13444 * which in turn is called by the last refrele on the ipif/ill/ire. 13445 */ 13446 success = ipsq_pending_mp_add(connp, ipif, q, mp, IPIF_DOWN); 13447 if (!success) { 13448 /* The conn is closing. So just return */ 13449 ASSERT(connp != NULL); 13450 mutex_exit(&ill->ill_lock); 13451 mutex_exit(&connp->conn_lock); 13452 return (EINTR); 13453 } 13454 13455 mutex_exit(&ill->ill_lock); 13456 if (connp != NULL) 13457 mutex_exit(&connp->conn_lock); 13458 return (EINPROGRESS); 13459 } 13460 13461 int 13462 ipif_down_tail(ipif_t *ipif) 13463 { 13464 ill_t *ill = ipif->ipif_ill; 13465 int err = 0; 13466 13467 DTRACE_PROBE3(ipif__downup, char *, "ipif_down_tail", 13468 ill_t *, ill, ipif_t *, ipif); 13469 13470 /* 13471 * Skip any loopback interface (null wq). 13472 * If this is the last logical interface on the ill 13473 * have ill_dl_down tell the driver we are gone (unbind) 13474 * Note that lun 0 can ipif_down even though 13475 * there are other logical units that are up. 13476 * This occurs e.g. when we change a "significant" IFF_ flag. 13477 */ 13478 if (ill->ill_wq != NULL && !ill->ill_logical_down && 13479 ill->ill_ipif_up_count == 0 && ill->ill_ipif_dup_count == 0 && 13480 ill->ill_dl_up) { 13481 ill_dl_down(ill); 13482 } 13483 if (!ipif->ipif_isv6) 13484 err = ipif_arp_down(ipif); 13485 13486 ill->ill_logical_down = 0; 13487 13488 ip_rts_ifmsg(ipif, RTSQ_DEFAULT); 13489 ip_rts_newaddrmsg(RTM_DELETE, 0, ipif, RTSQ_DEFAULT); 13490 return (err); 13491 } 13492 13493 /* 13494 * Bring interface logically down without bringing the physical interface 13495 * down e.g. when the netmask is changed. This avoids long lasting link 13496 * negotiations between an ethernet interface and a certain switches. 13497 */ 13498 static int 13499 ipif_logical_down(ipif_t *ipif, queue_t *q, mblk_t *mp) 13500 { 13501 DTRACE_PROBE3(ipif__downup, char *, "ipif_logical_down", 13502 ill_t *, ipif->ipif_ill, ipif_t *, ipif); 13503 13504 /* 13505 * The ill_logical_down flag is a transient flag. It is set here 13506 * and is cleared once the down has completed in ipif_down_tail. 13507 * This flag does not indicate whether the ill stream is in the 13508 * DL_BOUND state with the driver. Instead this flag is used by 13509 * ipif_down_tail to determine whether to DL_UNBIND the stream with 13510 * the driver. The state of the ill stream i.e. whether it is 13511 * DL_BOUND with the driver or not is indicated by the ill_dl_up flag. 13512 */ 13513 ipif->ipif_ill->ill_logical_down = 1; 13514 return (ipif_down(ipif, q, mp)); 13515 } 13516 13517 /* 13518 * Initiate deallocate of an IPIF. Always called as writer. Called by 13519 * ill_delete or ip_sioctl_removeif. 13520 */ 13521 static void 13522 ipif_free(ipif_t *ipif) 13523 { 13524 ip_stack_t *ipst = ipif->ipif_ill->ill_ipst; 13525 13526 ASSERT(IAM_WRITER_IPIF(ipif)); 13527 13528 if (ipif->ipif_recovery_id != 0) 13529 (void) untimeout(ipif->ipif_recovery_id); 13530 ipif->ipif_recovery_id = 0; 13531 13532 /* 13533 * Take down the interface. We can be called either from ill_delete 13534 * or from ip_sioctl_removeif. 13535 */ 13536 (void) ipif_down(ipif, NULL, NULL); 13537 13538 /* 13539 * Now that the interface is down, there's no chance it can still 13540 * become a duplicate. Cancel any timer that may have been set while 13541 * tearing down. 13542 */ 13543 if (ipif->ipif_recovery_id != 0) 13544 (void) untimeout(ipif->ipif_recovery_id); 13545 ipif->ipif_recovery_id = 0; 13546 13547 rw_enter(&ipst->ips_ill_g_lock, RW_WRITER); 13548 /* Remove pointers to this ill in the multicast routing tables */ 13549 reset_mrt_vif_ipif(ipif); 13550 /* If necessary, clear the cached source ipif rotor. */ 13551 if (ipif->ipif_ill->ill_src_ipif == ipif) 13552 ipif->ipif_ill->ill_src_ipif = NULL; 13553 rw_exit(&ipst->ips_ill_g_lock); 13554 } 13555 13556 static void 13557 ipif_free_tail(ipif_t *ipif) 13558 { 13559 ip_stack_t *ipst = ipif->ipif_ill->ill_ipst; 13560 13561 /* 13562 * Need to hold both ill_g_lock and ill_lock while 13563 * inserting or removing an ipif from the linked list 13564 * of ipifs hanging off the ill. 13565 */ 13566 rw_enter(&ipst->ips_ill_g_lock, RW_WRITER); 13567 13568 #ifdef DEBUG 13569 ipif_trace_cleanup(ipif); 13570 #endif 13571 13572 /* Ask SCTP to take it out of it list */ 13573 sctp_update_ipif(ipif, SCTP_IPIF_REMOVE); 13574 ip_rts_newaddrmsg(RTM_FREEADDR, 0, ipif, RTSQ_DEFAULT); 13575 13576 /* Get it out of the ILL interface list. */ 13577 ipif_remove(ipif); 13578 rw_exit(&ipst->ips_ill_g_lock); 13579 13580 ASSERT(!(ipif->ipif_flags & (IPIF_UP | IPIF_DUPLICATE))); 13581 ASSERT(ipif->ipif_recovery_id == 0); 13582 ASSERT(ipif->ipif_ire_local == NULL); 13583 ASSERT(ipif->ipif_ire_if == NULL); 13584 13585 /* Free the memory. */ 13586 mi_free(ipif); 13587 } 13588 13589 /* 13590 * Sets `buf' to an ipif name of the form "ill_name:id", or "ill_name" if "id" 13591 * is zero. 13592 */ 13593 void 13594 ipif_get_name(const ipif_t *ipif, char *buf, int len) 13595 { 13596 char lbuf[LIFNAMSIZ]; 13597 char *name; 13598 size_t name_len; 13599 13600 buf[0] = '\0'; 13601 name = ipif->ipif_ill->ill_name; 13602 name_len = ipif->ipif_ill->ill_name_length; 13603 if (ipif->ipif_id != 0) { 13604 (void) sprintf(lbuf, "%s%c%d", name, IPIF_SEPARATOR_CHAR, 13605 ipif->ipif_id); 13606 name = lbuf; 13607 name_len = mi_strlen(name) + 1; 13608 } 13609 len -= 1; 13610 buf[len] = '\0'; 13611 len = MIN(len, name_len); 13612 bcopy(name, buf, len); 13613 } 13614 13615 /* 13616 * Sets `buf' to an ill name. 13617 */ 13618 void 13619 ill_get_name(const ill_t *ill, char *buf, int len) 13620 { 13621 char *name; 13622 size_t name_len; 13623 13624 name = ill->ill_name; 13625 name_len = ill->ill_name_length; 13626 len -= 1; 13627 buf[len] = '\0'; 13628 len = MIN(len, name_len); 13629 bcopy(name, buf, len); 13630 } 13631 13632 /* 13633 * Find an IPIF based on the name passed in. Names can be of the form <phys> 13634 * (e.g., le0) or <phys>:<#> (e.g., le0:1). When there is no colon, the 13635 * implied unit id is zero. <phys> must correspond to the name of an ILL. 13636 * (May be called as writer.) 13637 */ 13638 static ipif_t * 13639 ipif_lookup_on_name(char *name, size_t namelen, boolean_t do_alloc, 13640 boolean_t *exists, boolean_t isv6, zoneid_t zoneid, ip_stack_t *ipst) 13641 { 13642 char *cp; 13643 char *endp; 13644 long id; 13645 ill_t *ill; 13646 ipif_t *ipif; 13647 uint_t ire_type; 13648 boolean_t did_alloc = B_FALSE; 13649 char last; 13650 13651 /* 13652 * If the caller wants to us to create the ipif, make sure we have a 13653 * valid zoneid 13654 */ 13655 ASSERT(!do_alloc || zoneid != ALL_ZONES); 13656 13657 if (namelen == 0) { 13658 return (NULL); 13659 } 13660 13661 *exists = B_FALSE; 13662 /* Look for a colon in the name. */ 13663 endp = &name[namelen]; 13664 for (cp = endp; --cp > name; ) { 13665 if (*cp == IPIF_SEPARATOR_CHAR) 13666 break; 13667 } 13668 13669 if (*cp == IPIF_SEPARATOR_CHAR) { 13670 /* 13671 * Reject any non-decimal aliases for logical 13672 * interfaces. Aliases with leading zeroes 13673 * are also rejected as they introduce ambiguity 13674 * in the naming of the interfaces. 13675 * In order to confirm with existing semantics, 13676 * and to not break any programs/script relying 13677 * on that behaviour, if<0>:0 is considered to be 13678 * a valid interface. 13679 * 13680 * If alias has two or more digits and the first 13681 * is zero, fail. 13682 */ 13683 if (&cp[2] < endp && cp[1] == '0') { 13684 return (NULL); 13685 } 13686 } 13687 13688 if (cp <= name) { 13689 cp = endp; 13690 } 13691 last = *cp; 13692 *cp = '\0'; 13693 13694 /* 13695 * Look up the ILL, based on the portion of the name 13696 * before the slash. ill_lookup_on_name returns a held ill. 13697 * Temporary to check whether ill exists already. If so 13698 * ill_lookup_on_name will clear it. 13699 */ 13700 ill = ill_lookup_on_name(name, do_alloc, isv6, 13701 &did_alloc, ipst); 13702 *cp = last; 13703 if (ill == NULL) 13704 return (NULL); 13705 13706 /* Establish the unit number in the name. */ 13707 id = 0; 13708 if (cp < endp && *endp == '\0') { 13709 /* If there was a colon, the unit number follows. */ 13710 cp++; 13711 if (ddi_strtol(cp, NULL, 0, &id) != 0) { 13712 ill_refrele(ill); 13713 return (NULL); 13714 } 13715 } 13716 13717 mutex_enter(&ill->ill_lock); 13718 /* Now see if there is an IPIF with this unit number. */ 13719 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 13720 if (ipif->ipif_id == id) { 13721 if (zoneid != ALL_ZONES && 13722 zoneid != ipif->ipif_zoneid && 13723 ipif->ipif_zoneid != ALL_ZONES) { 13724 mutex_exit(&ill->ill_lock); 13725 ill_refrele(ill); 13726 return (NULL); 13727 } 13728 if (IPIF_CAN_LOOKUP(ipif)) { 13729 ipif_refhold_locked(ipif); 13730 mutex_exit(&ill->ill_lock); 13731 if (!did_alloc) 13732 *exists = B_TRUE; 13733 /* 13734 * Drop locks before calling ill_refrele 13735 * since it can potentially call into 13736 * ipif_ill_refrele_tail which can end up 13737 * in trying to acquire any lock. 13738 */ 13739 ill_refrele(ill); 13740 return (ipif); 13741 } 13742 } 13743 } 13744 13745 if (!do_alloc) { 13746 mutex_exit(&ill->ill_lock); 13747 ill_refrele(ill); 13748 return (NULL); 13749 } 13750 13751 /* 13752 * If none found, atomically allocate and return a new one. 13753 * Historically, we used IRE_LOOPBACK only for lun 0, and IRE_LOCAL 13754 * to support "receive only" use of lo0:1 etc. as is still done 13755 * below as an initial guess. 13756 * However, this is now likely to be overriden later in ipif_up_done() 13757 * when we know for sure what address has been configured on the 13758 * interface, since we might have more than one loopback interface 13759 * with a loopback address, e.g. in the case of zones, and all the 13760 * interfaces with loopback addresses need to be marked IRE_LOOPBACK. 13761 */ 13762 if (ill->ill_net_type == IRE_LOOPBACK && id == 0) 13763 ire_type = IRE_LOOPBACK; 13764 else 13765 ire_type = IRE_LOCAL; 13766 ipif = ipif_allocate(ill, id, ire_type, B_TRUE, B_TRUE, NULL); 13767 if (ipif != NULL) 13768 ipif_refhold_locked(ipif); 13769 mutex_exit(&ill->ill_lock); 13770 ill_refrele(ill); 13771 return (ipif); 13772 } 13773 13774 /* 13775 * Variant of the above that queues the request on the ipsq when 13776 * IPIF_CHANGING is set. 13777 */ 13778 static ipif_t * 13779 ipif_lookup_on_name_async(char *name, size_t namelen, boolean_t isv6, 13780 zoneid_t zoneid, queue_t *q, mblk_t *mp, ipsq_func_t func, int *error, 13781 ip_stack_t *ipst) 13782 { 13783 char *cp; 13784 char *endp; 13785 long id; 13786 ill_t *ill; 13787 ipif_t *ipif; 13788 boolean_t did_alloc = B_FALSE; 13789 ipsq_t *ipsq; 13790 13791 if (error != NULL) 13792 *error = 0; 13793 13794 if (namelen == 0) { 13795 if (error != NULL) 13796 *error = ENXIO; 13797 return (NULL); 13798 } 13799 13800 /* Look for a colon in the name. */ 13801 endp = &name[namelen]; 13802 for (cp = endp; --cp > name; ) { 13803 if (*cp == IPIF_SEPARATOR_CHAR) 13804 break; 13805 } 13806 13807 if (*cp == IPIF_SEPARATOR_CHAR) { 13808 /* 13809 * Reject any non-decimal aliases for logical 13810 * interfaces. Aliases with leading zeroes 13811 * are also rejected as they introduce ambiguity 13812 * in the naming of the interfaces. 13813 * In order to confirm with existing semantics, 13814 * and to not break any programs/script relying 13815 * on that behaviour, if<0>:0 is considered to be 13816 * a valid interface. 13817 * 13818 * If alias has two or more digits and the first 13819 * is zero, fail. 13820 */ 13821 if (&cp[2] < endp && cp[1] == '0') { 13822 if (error != NULL) 13823 *error = EINVAL; 13824 return (NULL); 13825 } 13826 } 13827 13828 if (cp <= name) { 13829 cp = endp; 13830 } else { 13831 *cp = '\0'; 13832 } 13833 13834 /* 13835 * Look up the ILL, based on the portion of the name 13836 * before the slash. ill_lookup_on_name returns a held ill. 13837 * Temporary to check whether ill exists already. If so 13838 * ill_lookup_on_name will clear it. 13839 */ 13840 ill = ill_lookup_on_name(name, B_FALSE, isv6, &did_alloc, ipst); 13841 if (cp != endp) 13842 *cp = IPIF_SEPARATOR_CHAR; 13843 if (ill == NULL) 13844 return (NULL); 13845 13846 /* Establish the unit number in the name. */ 13847 id = 0; 13848 if (cp < endp && *endp == '\0') { 13849 /* If there was a colon, the unit number follows. */ 13850 cp++; 13851 if (ddi_strtol(cp, NULL, 0, &id) != 0) { 13852 ill_refrele(ill); 13853 if (error != NULL) 13854 *error = ENXIO; 13855 return (NULL); 13856 } 13857 } 13858 13859 GRAB_CONN_LOCK(q); 13860 mutex_enter(&ill->ill_lock); 13861 /* Now see if there is an IPIF with this unit number. */ 13862 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 13863 if (ipif->ipif_id == id) { 13864 if (zoneid != ALL_ZONES && 13865 zoneid != ipif->ipif_zoneid && 13866 ipif->ipif_zoneid != ALL_ZONES) { 13867 mutex_exit(&ill->ill_lock); 13868 RELEASE_CONN_LOCK(q); 13869 ill_refrele(ill); 13870 if (error != NULL) 13871 *error = ENXIO; 13872 return (NULL); 13873 } 13874 13875 if (!(IPIF_IS_CHANGING(ipif) || 13876 IPIF_IS_CONDEMNED(ipif)) || 13877 IAM_WRITER_IPIF(ipif)) { 13878 ipif_refhold_locked(ipif); 13879 mutex_exit(&ill->ill_lock); 13880 /* 13881 * Drop locks before calling ill_refrele 13882 * since it can potentially call into 13883 * ipif_ill_refrele_tail which can end up 13884 * in trying to acquire any lock. 13885 */ 13886 RELEASE_CONN_LOCK(q); 13887 ill_refrele(ill); 13888 return (ipif); 13889 } else if (q != NULL && !IPIF_IS_CONDEMNED(ipif)) { 13890 ipsq = ill->ill_phyint->phyint_ipsq; 13891 mutex_enter(&ipsq->ipsq_lock); 13892 mutex_enter(&ipsq->ipsq_xop->ipx_lock); 13893 mutex_exit(&ill->ill_lock); 13894 ipsq_enq(ipsq, q, mp, func, NEW_OP, ill); 13895 mutex_exit(&ipsq->ipsq_xop->ipx_lock); 13896 mutex_exit(&ipsq->ipsq_lock); 13897 RELEASE_CONN_LOCK(q); 13898 ill_refrele(ill); 13899 if (error != NULL) 13900 *error = EINPROGRESS; 13901 return (NULL); 13902 } 13903 } 13904 } 13905 RELEASE_CONN_LOCK(q); 13906 mutex_exit(&ill->ill_lock); 13907 ill_refrele(ill); 13908 if (error != NULL) 13909 *error = ENXIO; 13910 return (NULL); 13911 } 13912 13913 /* 13914 * This routine is called whenever a new address comes up on an ipif. If 13915 * we are configured to respond to address mask requests, then we are supposed 13916 * to broadcast an address mask reply at this time. This routine is also 13917 * called if we are already up, but a netmask change is made. This is legal 13918 * but might not make the system manager very popular. (May be called 13919 * as writer.) 13920 */ 13921 void 13922 ipif_mask_reply(ipif_t *ipif) 13923 { 13924 icmph_t *icmph; 13925 ipha_t *ipha; 13926 mblk_t *mp; 13927 ip_stack_t *ipst = ipif->ipif_ill->ill_ipst; 13928 ip_xmit_attr_t ixas; 13929 13930 #define REPLY_LEN (sizeof (icmp_ipha) + sizeof (icmph_t) + IP_ADDR_LEN) 13931 13932 if (!ipst->ips_ip_respond_to_address_mask_broadcast) 13933 return; 13934 13935 /* ICMP mask reply is IPv4 only */ 13936 ASSERT(!ipif->ipif_isv6); 13937 /* ICMP mask reply is not for a loopback interface */ 13938 ASSERT(ipif->ipif_ill->ill_wq != NULL); 13939 13940 if (ipif->ipif_lcl_addr == INADDR_ANY) 13941 return; 13942 13943 mp = allocb(REPLY_LEN, BPRI_HI); 13944 if (mp == NULL) 13945 return; 13946 mp->b_wptr = mp->b_rptr + REPLY_LEN; 13947 13948 ipha = (ipha_t *)mp->b_rptr; 13949 bzero(ipha, REPLY_LEN); 13950 *ipha = icmp_ipha; 13951 ipha->ipha_ttl = ipst->ips_ip_broadcast_ttl; 13952 ipha->ipha_src = ipif->ipif_lcl_addr; 13953 ipha->ipha_dst = ipif->ipif_brd_addr; 13954 ipha->ipha_length = htons(REPLY_LEN); 13955 ipha->ipha_ident = 0; 13956 13957 icmph = (icmph_t *)&ipha[1]; 13958 icmph->icmph_type = ICMP_ADDRESS_MASK_REPLY; 13959 bcopy(&ipif->ipif_net_mask, &icmph[1], IP_ADDR_LEN); 13960 icmph->icmph_checksum = IP_CSUM(mp, sizeof (ipha_t), 0); 13961 13962 bzero(&ixas, sizeof (ixas)); 13963 ixas.ixa_flags = IXAF_BASIC_SIMPLE_V4; 13964 ixas.ixa_zoneid = ALL_ZONES; 13965 ixas.ixa_ifindex = 0; 13966 ixas.ixa_ipst = ipst; 13967 ixas.ixa_multicast_ttl = IP_DEFAULT_MULTICAST_TTL; 13968 (void) ip_output_simple(mp, &ixas); 13969 ixa_cleanup(&ixas); 13970 #undef REPLY_LEN 13971 } 13972 13973 /* 13974 * Join the ipif specific multicast groups. 13975 * Must be called after a mapping has been set up in the resolver. (Always 13976 * called as writer.) 13977 */ 13978 void 13979 ipif_multicast_up(ipif_t *ipif) 13980 { 13981 int err; 13982 ill_t *ill; 13983 ilm_t *ilm; 13984 13985 ASSERT(IAM_WRITER_IPIF(ipif)); 13986 13987 ill = ipif->ipif_ill; 13988 13989 ip1dbg(("ipif_multicast_up\n")); 13990 if (!(ill->ill_flags & ILLF_MULTICAST) || 13991 ipif->ipif_allhosts_ilm != NULL) 13992 return; 13993 13994 if (ipif->ipif_isv6) { 13995 in6_addr_t v6allmc = ipv6_all_hosts_mcast; 13996 in6_addr_t v6solmc = ipv6_solicited_node_mcast; 13997 13998 v6solmc.s6_addr32[3] |= ipif->ipif_v6lcl_addr.s6_addr32[3]; 13999 14000 if (IN6_IS_ADDR_UNSPECIFIED(&ipif->ipif_v6lcl_addr)) 14001 return; 14002 14003 ip1dbg(("ipif_multicast_up - addmulti\n")); 14004 14005 /* 14006 * Join the all hosts multicast address. We skip this for 14007 * underlying IPMP interfaces since they should be invisible. 14008 */ 14009 if (!IS_UNDER_IPMP(ill)) { 14010 ilm = ip_addmulti(&v6allmc, ill, ipif->ipif_zoneid, 14011 &err); 14012 if (ilm == NULL) { 14013 ASSERT(err != 0); 14014 ip0dbg(("ipif_multicast_up: " 14015 "all_hosts_mcast failed %d\n", err)); 14016 return; 14017 } 14018 ipif->ipif_allhosts_ilm = ilm; 14019 } 14020 14021 /* 14022 * Enable multicast for the solicited node multicast address. 14023 * If IPMP we need to put the membership on the upper ill. 14024 */ 14025 if (!(ipif->ipif_flags & IPIF_NOLOCAL)) { 14026 ill_t *mcast_ill = NULL; 14027 boolean_t need_refrele; 14028 14029 if (IS_UNDER_IPMP(ill) && 14030 (mcast_ill = ipmp_ill_hold_ipmp_ill(ill)) != NULL) { 14031 need_refrele = B_TRUE; 14032 } else { 14033 mcast_ill = ill; 14034 need_refrele = B_FALSE; 14035 } 14036 14037 ilm = ip_addmulti(&v6solmc, mcast_ill, 14038 ipif->ipif_zoneid, &err); 14039 if (need_refrele) 14040 ill_refrele(mcast_ill); 14041 14042 if (ilm == NULL) { 14043 ASSERT(err != 0); 14044 ip0dbg(("ipif_multicast_up: solicited MC" 14045 " failed %d\n", err)); 14046 if ((ilm = ipif->ipif_allhosts_ilm) != NULL) { 14047 ipif->ipif_allhosts_ilm = NULL; 14048 (void) ip_delmulti(ilm); 14049 } 14050 return; 14051 } 14052 ipif->ipif_solmulti_ilm = ilm; 14053 } 14054 } else { 14055 in6_addr_t v6group; 14056 14057 if (ipif->ipif_lcl_addr == INADDR_ANY || IS_UNDER_IPMP(ill)) 14058 return; 14059 14060 /* Join the all hosts multicast address */ 14061 ip1dbg(("ipif_multicast_up - addmulti\n")); 14062 IN6_IPADDR_TO_V4MAPPED(htonl(INADDR_ALLHOSTS_GROUP), &v6group); 14063 14064 ilm = ip_addmulti(&v6group, ill, ipif->ipif_zoneid, &err); 14065 if (ilm == NULL) { 14066 ASSERT(err != 0); 14067 ip0dbg(("ipif_multicast_up: failed %d\n", err)); 14068 return; 14069 } 14070 ipif->ipif_allhosts_ilm = ilm; 14071 } 14072 } 14073 14074 /* 14075 * Blow away any multicast groups that we joined in ipif_multicast_up(). 14076 * (ilms from explicit memberships are handled in conn_update_ill.) 14077 */ 14078 void 14079 ipif_multicast_down(ipif_t *ipif) 14080 { 14081 ASSERT(IAM_WRITER_IPIF(ipif)); 14082 14083 ip1dbg(("ipif_multicast_down\n")); 14084 14085 if (ipif->ipif_allhosts_ilm != NULL) { 14086 (void) ip_delmulti(ipif->ipif_allhosts_ilm); 14087 ipif->ipif_allhosts_ilm = NULL; 14088 } 14089 if (ipif->ipif_solmulti_ilm != NULL) { 14090 (void) ip_delmulti(ipif->ipif_solmulti_ilm); 14091 ipif->ipif_solmulti_ilm = NULL; 14092 } 14093 } 14094 14095 /* 14096 * Used when an interface comes up to recreate any extra routes on this 14097 * interface. 14098 */ 14099 int 14100 ill_recover_saved_ire(ill_t *ill) 14101 { 14102 mblk_t *mp; 14103 ip_stack_t *ipst = ill->ill_ipst; 14104 14105 ip1dbg(("ill_recover_saved_ire(%s)", ill->ill_name)); 14106 14107 mutex_enter(&ill->ill_saved_ire_lock); 14108 for (mp = ill->ill_saved_ire_mp; mp != NULL; mp = mp->b_cont) { 14109 ire_t *ire, *nire; 14110 ifrt_t *ifrt; 14111 14112 ifrt = (ifrt_t *)mp->b_rptr; 14113 /* 14114 * Create a copy of the IRE with the saved address and netmask. 14115 */ 14116 if (ill->ill_isv6) { 14117 ire = ire_create_v6( 14118 &ifrt->ifrt_v6addr, 14119 &ifrt->ifrt_v6mask, 14120 &ifrt->ifrt_v6gateway_addr, 14121 ifrt->ifrt_type, 14122 ill, 14123 ifrt->ifrt_zoneid, 14124 ifrt->ifrt_flags, 14125 NULL, 14126 ipst); 14127 } else { 14128 ire = ire_create( 14129 (uint8_t *)&ifrt->ifrt_addr, 14130 (uint8_t *)&ifrt->ifrt_mask, 14131 (uint8_t *)&ifrt->ifrt_gateway_addr, 14132 ifrt->ifrt_type, 14133 ill, 14134 ifrt->ifrt_zoneid, 14135 ifrt->ifrt_flags, 14136 NULL, 14137 ipst); 14138 } 14139 if (ire == NULL) { 14140 mutex_exit(&ill->ill_saved_ire_lock); 14141 return (ENOMEM); 14142 } 14143 14144 if (ifrt->ifrt_flags & RTF_SETSRC) { 14145 if (ill->ill_isv6) { 14146 ire->ire_setsrc_addr_v6 = 14147 ifrt->ifrt_v6setsrc_addr; 14148 } else { 14149 ire->ire_setsrc_addr = ifrt->ifrt_setsrc_addr; 14150 } 14151 } 14152 14153 /* 14154 * Some software (for example, GateD and Sun Cluster) attempts 14155 * to create (what amount to) IRE_PREFIX routes with the 14156 * loopback address as the gateway. This is primarily done to 14157 * set up prefixes with the RTF_REJECT flag set (for example, 14158 * when generating aggregate routes.) 14159 * 14160 * If the IRE type (as defined by ill->ill_net_type) is 14161 * IRE_LOOPBACK, then we map the request into a 14162 * IRE_IF_NORESOLVER. 14163 */ 14164 if (ill->ill_net_type == IRE_LOOPBACK) 14165 ire->ire_type = IRE_IF_NORESOLVER; 14166 14167 /* 14168 * ire held by ire_add, will be refreled' towards the 14169 * the end of ipif_up_done 14170 */ 14171 nire = ire_add(ire); 14172 /* 14173 * Check if it was a duplicate entry. This handles 14174 * the case of two racing route adds for the same route 14175 */ 14176 if (nire == NULL) { 14177 ip1dbg(("ill_recover_saved_ire: FAILED\n")); 14178 } else if (nire != ire) { 14179 ip1dbg(("ill_recover_saved_ire: duplicate ire %p\n", 14180 (void *)nire)); 14181 ire_delete(nire); 14182 } else { 14183 ip1dbg(("ill_recover_saved_ire: added ire %p\n", 14184 (void *)nire)); 14185 } 14186 if (nire != NULL) 14187 ire_refrele(nire); 14188 } 14189 mutex_exit(&ill->ill_saved_ire_lock); 14190 return (0); 14191 } 14192 14193 /* 14194 * Used to set the netmask and broadcast address to default values when the 14195 * interface is brought up. (Always called as writer.) 14196 */ 14197 static void 14198 ipif_set_default(ipif_t *ipif) 14199 { 14200 ASSERT(MUTEX_HELD(&ipif->ipif_ill->ill_lock)); 14201 14202 if (!ipif->ipif_isv6) { 14203 /* 14204 * Interface holds an IPv4 address. Default 14205 * mask is the natural netmask. 14206 */ 14207 if (!ipif->ipif_net_mask) { 14208 ipaddr_t v4mask; 14209 14210 v4mask = ip_net_mask(ipif->ipif_lcl_addr); 14211 V4MASK_TO_V6(v4mask, ipif->ipif_v6net_mask); 14212 } 14213 if (ipif->ipif_flags & IPIF_POINTOPOINT) { 14214 /* ipif_subnet is ipif_pp_dst_addr for pt-pt */ 14215 ipif->ipif_v6subnet = ipif->ipif_v6pp_dst_addr; 14216 } else { 14217 V6_MASK_COPY(ipif->ipif_v6lcl_addr, 14218 ipif->ipif_v6net_mask, ipif->ipif_v6subnet); 14219 } 14220 /* 14221 * NOTE: SunOS 4.X does this even if the broadcast address 14222 * has been already set thus we do the same here. 14223 */ 14224 if (ipif->ipif_flags & IPIF_BROADCAST) { 14225 ipaddr_t v4addr; 14226 14227 v4addr = ipif->ipif_subnet | ~ipif->ipif_net_mask; 14228 IN6_IPADDR_TO_V4MAPPED(v4addr, &ipif->ipif_v6brd_addr); 14229 } 14230 } else { 14231 /* 14232 * Interface holds an IPv6-only address. Default 14233 * mask is all-ones. 14234 */ 14235 if (IN6_IS_ADDR_UNSPECIFIED(&ipif->ipif_v6net_mask)) 14236 ipif->ipif_v6net_mask = ipv6_all_ones; 14237 if (ipif->ipif_flags & IPIF_POINTOPOINT) { 14238 /* ipif_subnet is ipif_pp_dst_addr for pt-pt */ 14239 ipif->ipif_v6subnet = ipif->ipif_v6pp_dst_addr; 14240 } else { 14241 V6_MASK_COPY(ipif->ipif_v6lcl_addr, 14242 ipif->ipif_v6net_mask, ipif->ipif_v6subnet); 14243 } 14244 } 14245 } 14246 14247 /* 14248 * Return 0 if this address can be used as local address without causing 14249 * duplicate address problems. Otherwise, return EADDRNOTAVAIL if the address 14250 * is already up on a different ill, and EADDRINUSE if it's up on the same ill. 14251 * Note that the same IPv6 link-local address is allowed as long as the ills 14252 * are not on the same link. 14253 */ 14254 int 14255 ip_addr_availability_check(ipif_t *new_ipif) 14256 { 14257 in6_addr_t our_v6addr; 14258 ill_t *ill; 14259 ipif_t *ipif; 14260 ill_walk_context_t ctx; 14261 ip_stack_t *ipst = new_ipif->ipif_ill->ill_ipst; 14262 14263 ASSERT(IAM_WRITER_IPIF(new_ipif)); 14264 ASSERT(MUTEX_HELD(&ipst->ips_ip_addr_avail_lock)); 14265 ASSERT(RW_READ_HELD(&ipst->ips_ill_g_lock)); 14266 14267 new_ipif->ipif_flags &= ~IPIF_UNNUMBERED; 14268 if (IN6_IS_ADDR_UNSPECIFIED(&new_ipif->ipif_v6lcl_addr) || 14269 IN6_IS_ADDR_V4MAPPED_ANY(&new_ipif->ipif_v6lcl_addr)) 14270 return (0); 14271 14272 our_v6addr = new_ipif->ipif_v6lcl_addr; 14273 14274 if (new_ipif->ipif_isv6) 14275 ill = ILL_START_WALK_V6(&ctx, ipst); 14276 else 14277 ill = ILL_START_WALK_V4(&ctx, ipst); 14278 14279 for (; ill != NULL; ill = ill_next(&ctx, ill)) { 14280 for (ipif = ill->ill_ipif; ipif != NULL; 14281 ipif = ipif->ipif_next) { 14282 if ((ipif == new_ipif) || 14283 !(ipif->ipif_flags & IPIF_UP) || 14284 (ipif->ipif_flags & IPIF_UNNUMBERED) || 14285 !IN6_ARE_ADDR_EQUAL(&ipif->ipif_v6lcl_addr, 14286 &our_v6addr)) 14287 continue; 14288 14289 if (new_ipif->ipif_flags & IPIF_POINTOPOINT) 14290 new_ipif->ipif_flags |= IPIF_UNNUMBERED; 14291 else if (ipif->ipif_flags & IPIF_POINTOPOINT) 14292 ipif->ipif_flags |= IPIF_UNNUMBERED; 14293 else if ((IN6_IS_ADDR_LINKLOCAL(&our_v6addr) || 14294 IN6_IS_ADDR_SITELOCAL(&our_v6addr)) && 14295 !IS_ON_SAME_LAN(ill, new_ipif->ipif_ill)) 14296 continue; 14297 else if (new_ipif->ipif_zoneid != ipif->ipif_zoneid && 14298 ipif->ipif_zoneid != ALL_ZONES && IS_LOOPBACK(ill)) 14299 continue; 14300 else if (new_ipif->ipif_ill == ill) 14301 return (EADDRINUSE); 14302 else 14303 return (EADDRNOTAVAIL); 14304 } 14305 } 14306 14307 return (0); 14308 } 14309 14310 /* 14311 * Bring up an ipif: bring up arp/ndp, bring up the DLPI stream, and add 14312 * IREs for the ipif. 14313 * When the routine returns EINPROGRESS then mp has been consumed and 14314 * the ioctl will be acked from ip_rput_dlpi. 14315 */ 14316 int 14317 ipif_up(ipif_t *ipif, queue_t *q, mblk_t *mp) 14318 { 14319 ill_t *ill = ipif->ipif_ill; 14320 boolean_t isv6 = ipif->ipif_isv6; 14321 int err = 0; 14322 boolean_t success; 14323 uint_t ipif_orig_id; 14324 ip_stack_t *ipst = ill->ill_ipst; 14325 14326 ASSERT(IAM_WRITER_IPIF(ipif)); 14327 14328 ip1dbg(("ipif_up(%s:%u)\n", ill->ill_name, ipif->ipif_id)); 14329 DTRACE_PROBE3(ipif__downup, char *, "ipif_up", 14330 ill_t *, ill, ipif_t *, ipif); 14331 14332 /* Shouldn't get here if it is already up. */ 14333 if (ipif->ipif_flags & IPIF_UP) 14334 return (EALREADY); 14335 14336 /* 14337 * If this is a request to bring up a data address on an interface 14338 * under IPMP, then move the address to its IPMP meta-interface and 14339 * try to bring it up. One complication is that the zeroth ipif for 14340 * an ill is special, in that every ill always has one, and that code 14341 * throughout IP deferences ill->ill_ipif without holding any locks. 14342 */ 14343 if (IS_UNDER_IPMP(ill) && ipmp_ipif_is_dataaddr(ipif) && 14344 (!ipif->ipif_isv6 || !V6_IPIF_LINKLOCAL(ipif))) { 14345 ipif_t *stubipif = NULL, *moveipif = NULL; 14346 ill_t *ipmp_ill = ipmp_illgrp_ipmp_ill(ill->ill_grp); 14347 14348 /* 14349 * The ipif being brought up should be quiesced. If it's not, 14350 * something has gone amiss and we need to bail out. (If it's 14351 * quiesced, we know it will remain so via IPIF_CONDEMNED.) 14352 */ 14353 mutex_enter(&ill->ill_lock); 14354 if (!ipif_is_quiescent(ipif)) { 14355 mutex_exit(&ill->ill_lock); 14356 return (EINVAL); 14357 } 14358 mutex_exit(&ill->ill_lock); 14359 14360 /* 14361 * If we're going to need to allocate ipifs, do it prior 14362 * to starting the move (and grabbing locks). 14363 */ 14364 if (ipif->ipif_id == 0) { 14365 if ((moveipif = ipif_allocate(ill, 0, IRE_LOCAL, B_TRUE, 14366 B_FALSE, &err)) == NULL) { 14367 return (err); 14368 } 14369 if ((stubipif = ipif_allocate(ill, 0, IRE_LOCAL, B_TRUE, 14370 B_FALSE, &err)) == NULL) { 14371 mi_free(moveipif); 14372 return (err); 14373 } 14374 } 14375 14376 /* 14377 * Grab or transfer the ipif to move. During the move, keep 14378 * ill_g_lock held to prevent any ill walker threads from 14379 * seeing things in an inconsistent state. 14380 */ 14381 rw_enter(&ipst->ips_ill_g_lock, RW_WRITER); 14382 if (ipif->ipif_id != 0) { 14383 ipif_remove(ipif); 14384 } else { 14385 ipif_transfer(ipif, moveipif, stubipif); 14386 ipif = moveipif; 14387 } 14388 14389 /* 14390 * Place the ipif on the IPMP ill. If the zeroth ipif on 14391 * the IPMP ill is a stub (0.0.0.0 down address) then we 14392 * replace that one. Otherwise, pick the next available slot. 14393 */ 14394 ipif->ipif_ill = ipmp_ill; 14395 ipif_orig_id = ipif->ipif_id; 14396 14397 if (ipmp_ipif_is_stubaddr(ipmp_ill->ill_ipif)) { 14398 ipif_transfer(ipif, ipmp_ill->ill_ipif, NULL); 14399 ipif = ipmp_ill->ill_ipif; 14400 } else { 14401 ipif->ipif_id = -1; 14402 if ((err = ipif_insert(ipif, B_FALSE)) != 0) { 14403 /* 14404 * No more available ipif_id's -- put it back 14405 * on the original ill and fail the operation. 14406 * Since we're writer on the ill, we can be 14407 * sure our old slot is still available. 14408 */ 14409 ipif->ipif_id = ipif_orig_id; 14410 ipif->ipif_ill = ill; 14411 if (ipif_orig_id == 0) { 14412 ipif_transfer(ipif, ill->ill_ipif, 14413 NULL); 14414 } else { 14415 VERIFY(ipif_insert(ipif, B_FALSE) == 0); 14416 } 14417 rw_exit(&ipst->ips_ill_g_lock); 14418 return (err); 14419 } 14420 } 14421 rw_exit(&ipst->ips_ill_g_lock); 14422 14423 /* 14424 * Tell SCTP that the ipif has moved. Note that even if we 14425 * had to allocate a new ipif, the original sequence id was 14426 * preserved and therefore SCTP won't know. 14427 */ 14428 sctp_move_ipif(ipif, ill, ipmp_ill); 14429 14430 /* 14431 * If the ipif being brought up was on slot zero, then we 14432 * first need to bring up the placeholder we stuck there. In 14433 * ip_rput_dlpi_writer(), arp_bringup_done(), or the recursive 14434 * call to ipif_up() itself, if we successfully bring up the 14435 * placeholder, we'll check ill_move_ipif and bring it up too. 14436 */ 14437 if (ipif_orig_id == 0) { 14438 ASSERT(ill->ill_move_ipif == NULL); 14439 ill->ill_move_ipif = ipif; 14440 if ((err = ipif_up(ill->ill_ipif, q, mp)) == 0) 14441 ASSERT(ill->ill_move_ipif == NULL); 14442 if (err != EINPROGRESS) 14443 ill->ill_move_ipif = NULL; 14444 return (err); 14445 } 14446 14447 /* 14448 * Bring it up on the IPMP ill. 14449 */ 14450 return (ipif_up(ipif, q, mp)); 14451 } 14452 14453 /* Skip arp/ndp for any loopback interface. */ 14454 if (ill->ill_wq != NULL) { 14455 conn_t *connp = CONN_Q(q) ? Q_TO_CONN(q) : NULL; 14456 ipsq_t *ipsq = ill->ill_phyint->phyint_ipsq; 14457 14458 if (!ill->ill_dl_up) { 14459 /* 14460 * ill_dl_up is not yet set. i.e. we are yet to 14461 * DL_BIND with the driver and this is the first 14462 * logical interface on the ill to become "up". 14463 * Tell the driver to get going (via DL_BIND_REQ). 14464 * Note that changing "significant" IFF_ flags 14465 * address/netmask etc cause a down/up dance, but 14466 * does not cause an unbind (DL_UNBIND) with the driver 14467 */ 14468 return (ill_dl_up(ill, ipif, mp, q)); 14469 } 14470 14471 /* 14472 * ipif_resolver_up may end up needeing to bind/attach 14473 * the ARP stream, which in turn necessitates a 14474 * DLPI message exchange with the driver. ioctls are 14475 * serialized and so we cannot send more than one 14476 * interface up message at a time. If ipif_resolver_up 14477 * does need to wait for the DLPI handshake for the ARP stream, 14478 * we get EINPROGRESS and we will complete in arp_bringup_done. 14479 */ 14480 14481 ASSERT(connp != NULL || !CONN_Q(q)); 14482 if (connp != NULL) 14483 mutex_enter(&connp->conn_lock); 14484 mutex_enter(&ill->ill_lock); 14485 success = ipsq_pending_mp_add(connp, ipif, q, mp, 0); 14486 mutex_exit(&ill->ill_lock); 14487 if (connp != NULL) 14488 mutex_exit(&connp->conn_lock); 14489 if (!success) 14490 return (EINTR); 14491 14492 /* 14493 * Crank up IPv6 neighbor discovery. Unlike ARP, this should 14494 * complete when ipif_ndp_up returns. 14495 */ 14496 err = ipif_resolver_up(ipif, Res_act_initial); 14497 if (err == EINPROGRESS) { 14498 /* We will complete it in arp_bringup_done() */ 14499 return (err); 14500 } 14501 14502 if (isv6 && err == 0) 14503 err = ipif_ndp_up(ipif, B_TRUE); 14504 14505 ASSERT(err != EINPROGRESS); 14506 mp = ipsq_pending_mp_get(ipsq, &connp); 14507 ASSERT(mp != NULL); 14508 if (err != 0) 14509 return (err); 14510 } else { 14511 /* 14512 * Interfaces without underlying hardware don't do duplicate 14513 * address detection. 14514 */ 14515 ASSERT(!(ipif->ipif_flags & IPIF_DUPLICATE)); 14516 ipif->ipif_addr_ready = 1; 14517 err = ill_add_ires(ill); 14518 /* allocation failure? */ 14519 if (err != 0) 14520 return (err); 14521 } 14522 14523 err = (isv6 ? ipif_up_done_v6(ipif) : ipif_up_done(ipif)); 14524 if (err == 0 && ill->ill_move_ipif != NULL) { 14525 ipif = ill->ill_move_ipif; 14526 ill->ill_move_ipif = NULL; 14527 return (ipif_up(ipif, q, mp)); 14528 } 14529 return (err); 14530 } 14531 14532 /* 14533 * Add any IREs tied to the ill. For now this is just an IRE_MULTICAST. 14534 * The identical set of IREs need to be removed in ill_delete_ires(). 14535 */ 14536 int 14537 ill_add_ires(ill_t *ill) 14538 { 14539 ire_t *ire; 14540 in6_addr_t dummy6 = {(uint32_t)V6_MCAST, 0, 0, 1}; 14541 in_addr_t dummy4 = htonl(INADDR_ALLHOSTS_GROUP); 14542 14543 if (ill->ill_ire_multicast != NULL) 14544 return (0); 14545 14546 /* 14547 * provide some dummy ire_addr for creating the ire. 14548 */ 14549 if (ill->ill_isv6) { 14550 ire = ire_create_v6(&dummy6, 0, 0, IRE_MULTICAST, ill, 14551 ALL_ZONES, RTF_UP, NULL, ill->ill_ipst); 14552 } else { 14553 ire = ire_create((uchar_t *)&dummy4, 0, 0, IRE_MULTICAST, ill, 14554 ALL_ZONES, RTF_UP, NULL, ill->ill_ipst); 14555 } 14556 if (ire == NULL) 14557 return (ENOMEM); 14558 14559 ill->ill_ire_multicast = ire; 14560 return (0); 14561 } 14562 14563 void 14564 ill_delete_ires(ill_t *ill) 14565 { 14566 if (ill->ill_ire_multicast != NULL) { 14567 /* 14568 * BIND/ATTACH completed; Release the ref for ill_ire_multicast 14569 * which was taken without any th_tracing enabled. 14570 * We also mark it as condemned (note that it was never added) 14571 * so that caching conn's can move off of it. 14572 */ 14573 ire_make_condemned(ill->ill_ire_multicast); 14574 ire_refrele_notr(ill->ill_ire_multicast); 14575 ill->ill_ire_multicast = NULL; 14576 } 14577 } 14578 14579 /* 14580 * Perform a bind for the physical device. 14581 * When the routine returns EINPROGRESS then mp has been consumed and 14582 * the ioctl will be acked from ip_rput_dlpi. 14583 * Allocate an unbind message and save it until ipif_down. 14584 */ 14585 static int 14586 ill_dl_up(ill_t *ill, ipif_t *ipif, mblk_t *mp, queue_t *q) 14587 { 14588 mblk_t *bind_mp = NULL; 14589 mblk_t *unbind_mp = NULL; 14590 conn_t *connp; 14591 boolean_t success; 14592 int err; 14593 14594 DTRACE_PROBE2(ill__downup, char *, "ill_dl_up", ill_t *, ill); 14595 14596 ip1dbg(("ill_dl_up(%s)\n", ill->ill_name)); 14597 ASSERT(IAM_WRITER_ILL(ill)); 14598 ASSERT(mp != NULL); 14599 14600 /* 14601 * Make sure we have an IRE_MULTICAST in case we immediately 14602 * start receiving packets. 14603 */ 14604 err = ill_add_ires(ill); 14605 if (err != 0) 14606 goto bad; 14607 14608 bind_mp = ip_dlpi_alloc(sizeof (dl_bind_req_t) + sizeof (long), 14609 DL_BIND_REQ); 14610 if (bind_mp == NULL) 14611 goto bad; 14612 ((dl_bind_req_t *)bind_mp->b_rptr)->dl_sap = ill->ill_sap; 14613 ((dl_bind_req_t *)bind_mp->b_rptr)->dl_service_mode = DL_CLDLS; 14614 14615 /* 14616 * ill_unbind_mp would be non-null if the following sequence had 14617 * happened: 14618 * - send DL_BIND_REQ to driver, wait for response 14619 * - multiple ioctls that need to bring the ipif up are encountered, 14620 * but they cannot enter the ipsq due to the outstanding DL_BIND_REQ. 14621 * These ioctls will then be enqueued on the ipsq 14622 * - a DL_ERROR_ACK is returned for the DL_BIND_REQ 14623 * At this point, the pending ioctls in the ipsq will be drained, and 14624 * since ill->ill_dl_up was not set, ill_dl_up would be invoked with 14625 * a non-null ill->ill_unbind_mp 14626 */ 14627 if (ill->ill_unbind_mp == NULL) { 14628 unbind_mp = ip_dlpi_alloc(sizeof (dl_unbind_req_t), 14629 DL_UNBIND_REQ); 14630 if (unbind_mp == NULL) 14631 goto bad; 14632 } 14633 /* 14634 * Record state needed to complete this operation when the 14635 * DL_BIND_ACK shows up. Also remember the pre-allocated mblks. 14636 */ 14637 connp = CONN_Q(q) ? Q_TO_CONN(q) : NULL; 14638 ASSERT(connp != NULL || !CONN_Q(q)); 14639 GRAB_CONN_LOCK(q); 14640 mutex_enter(&ipif->ipif_ill->ill_lock); 14641 success = ipsq_pending_mp_add(connp, ipif, q, mp, 0); 14642 mutex_exit(&ipif->ipif_ill->ill_lock); 14643 RELEASE_CONN_LOCK(q); 14644 if (!success) 14645 goto bad; 14646 14647 /* 14648 * Save the unbind message for ill_dl_down(); it will be consumed when 14649 * the interface goes down. 14650 */ 14651 if (ill->ill_unbind_mp == NULL) 14652 ill->ill_unbind_mp = unbind_mp; 14653 14654 ill_dlpi_send(ill, bind_mp); 14655 /* Send down link-layer capabilities probe if not already done. */ 14656 ill_capability_probe(ill); 14657 14658 /* 14659 * Sysid used to rely on the fact that netboots set domainname 14660 * and the like. Now that miniroot boots aren't strictly netboots 14661 * and miniroot network configuration is driven from userland 14662 * these things still need to be set. This situation can be detected 14663 * by comparing the interface being configured here to the one 14664 * dhcifname was set to reference by the boot loader. Once sysid is 14665 * converted to use dhcp_ipc_getinfo() this call can go away. 14666 */ 14667 if ((ipif->ipif_flags & IPIF_DHCPRUNNING) && 14668 (strcmp(ill->ill_name, dhcifname) == 0) && 14669 (strlen(srpc_domain) == 0)) { 14670 if (dhcpinit() != 0) 14671 cmn_err(CE_WARN, "no cached dhcp response"); 14672 } 14673 14674 /* 14675 * This operation will complete in ip_rput_dlpi with either 14676 * a DL_BIND_ACK or DL_ERROR_ACK. 14677 */ 14678 return (EINPROGRESS); 14679 bad: 14680 ip1dbg(("ill_dl_up(%s) FAILED\n", ill->ill_name)); 14681 14682 freemsg(bind_mp); 14683 freemsg(unbind_mp); 14684 return (ENOMEM); 14685 } 14686 14687 /* Add room for tcp+ip headers */ 14688 uint_t ip_loopback_mtuplus = IP_LOOPBACK_MTU + IP_SIMPLE_HDR_LENGTH + 20; 14689 14690 /* 14691 * DLPI and ARP is up. 14692 * Create all the IREs associated with an interface. Bring up multicast. 14693 * Set the interface flag and finish other initialization 14694 * that potentially had to be deferred to after DL_BIND_ACK. 14695 */ 14696 int 14697 ipif_up_done(ipif_t *ipif) 14698 { 14699 ill_t *ill = ipif->ipif_ill; 14700 int err = 0; 14701 boolean_t loopback = B_FALSE; 14702 boolean_t update_src_selection = B_TRUE; 14703 ipif_t *tmp_ipif; 14704 14705 ip1dbg(("ipif_up_done(%s:%u)\n", 14706 ipif->ipif_ill->ill_name, ipif->ipif_id)); 14707 DTRACE_PROBE3(ipif__downup, char *, "ipif_up_done", 14708 ill_t *, ill, ipif_t *, ipif); 14709 14710 /* Check if this is a loopback interface */ 14711 if (ipif->ipif_ill->ill_wq == NULL) 14712 loopback = B_TRUE; 14713 14714 ASSERT(!MUTEX_HELD(&ipif->ipif_ill->ill_lock)); 14715 14716 /* 14717 * If all other interfaces for this ill are down or DEPRECATED, 14718 * or otherwise unsuitable for source address selection, 14719 * reset the src generation numbers to make sure source 14720 * address selection gets to take this new ipif into account. 14721 * No need to hold ill_lock while traversing the ipif list since 14722 * we are writer 14723 */ 14724 for (tmp_ipif = ill->ill_ipif; tmp_ipif; 14725 tmp_ipif = tmp_ipif->ipif_next) { 14726 if (((tmp_ipif->ipif_flags & 14727 (IPIF_NOXMIT|IPIF_ANYCAST|IPIF_NOLOCAL|IPIF_DEPRECATED)) || 14728 !(tmp_ipif->ipif_flags & IPIF_UP)) || 14729 (tmp_ipif == ipif)) 14730 continue; 14731 /* first useable pre-existing interface */ 14732 update_src_selection = B_FALSE; 14733 break; 14734 } 14735 if (update_src_selection) 14736 ip_update_source_selection(ill->ill_ipst); 14737 14738 if (IS_LOOPBACK(ill) || ill->ill_net_type == IRE_IF_NORESOLVER) { 14739 nce_t *loop_nce = NULL; 14740 uint16_t flags = (NCE_F_MYADDR | NCE_F_AUTHORITY | NCE_F_NONUD); 14741 14742 /* 14743 * lo0:1 and subsequent ipifs were marked IRE_LOCAL in 14744 * ipif_lookup_on_name(), but in the case of zones we can have 14745 * several loopback addresses on lo0. So all the interfaces with 14746 * loopback addresses need to be marked IRE_LOOPBACK. 14747 */ 14748 if (V4_PART_OF_V6(ipif->ipif_v6lcl_addr) == 14749 htonl(INADDR_LOOPBACK)) 14750 ipif->ipif_ire_type = IRE_LOOPBACK; 14751 else 14752 ipif->ipif_ire_type = IRE_LOCAL; 14753 if (ill->ill_net_type != IRE_LOOPBACK) 14754 flags |= NCE_F_PUBLISH; 14755 14756 /* add unicast nce for the local addr */ 14757 err = nce_lookup_then_add_v4(ill, NULL, 14758 ill->ill_phys_addr_length, &ipif->ipif_lcl_addr, flags, 14759 ND_REACHABLE, &loop_nce); 14760 /* A shared-IP zone sees EEXIST for lo0:N */ 14761 if (err == 0 || err == EEXIST) { 14762 ipif->ipif_added_nce = 1; 14763 loop_nce->nce_ipif_cnt++; 14764 nce_refrele(loop_nce); 14765 err = 0; 14766 } else { 14767 ASSERT(loop_nce == NULL); 14768 return (err); 14769 } 14770 } 14771 14772 /* Create all the IREs associated with this interface */ 14773 err = ipif_add_ires_v4(ipif, loopback); 14774 if (err != 0) { 14775 /* 14776 * see comments about return value from 14777 * ip_addr_availability_check() in ipif_add_ires_v4(). 14778 */ 14779 if (err != EADDRINUSE) { 14780 (void) ipif_arp_down(ipif); 14781 } else { 14782 /* 14783 * Make IPMP aware of the deleted ipif so that 14784 * the needed ipmp cleanup (e.g., of ipif_bound_ill) 14785 * can be completed. Note that we do not want to 14786 * destroy the nce that was created on the ipmp_ill 14787 * for the active copy of the duplicate address in 14788 * use. 14789 */ 14790 if (IS_IPMP(ill)) 14791 ipmp_illgrp_del_ipif(ill->ill_grp, ipif); 14792 err = EADDRNOTAVAIL; 14793 } 14794 return (err); 14795 } 14796 14797 if (ill->ill_ipif_up_count == 1 && !loopback) { 14798 /* Recover any additional IREs entries for this ill */ 14799 (void) ill_recover_saved_ire(ill); 14800 } 14801 14802 if (ill->ill_need_recover_multicast) { 14803 /* 14804 * Need to recover all multicast memberships in the driver. 14805 * This had to be deferred until we had attached. The same 14806 * code exists in ipif_up_done_v6() to recover IPv6 14807 * memberships. 14808 * 14809 * Note that it would be preferable to unconditionally do the 14810 * ill_recover_multicast() in ill_dl_up(), but we cannot do 14811 * that since ill_join_allmulti() depends on ill_dl_up being 14812 * set, and it is not set until we receive a DL_BIND_ACK after 14813 * having called ill_dl_up(). 14814 */ 14815 ill_recover_multicast(ill); 14816 } 14817 14818 if (ill->ill_ipif_up_count == 1) { 14819 /* 14820 * Since the interface is now up, it may now be active. 14821 */ 14822 if (IS_UNDER_IPMP(ill)) 14823 ipmp_ill_refresh_active(ill); 14824 14825 /* 14826 * If this is an IPMP interface, we may now be able to 14827 * establish ARP entries. 14828 */ 14829 if (IS_IPMP(ill)) 14830 ipmp_illgrp_refresh_arpent(ill->ill_grp); 14831 } 14832 14833 /* Join the allhosts multicast address */ 14834 ipif_multicast_up(ipif); 14835 14836 if (!loopback && !update_src_selection && 14837 !(ipif->ipif_flags & (IPIF_NOLOCAL|IPIF_ANYCAST|IPIF_DEPRECATED))) 14838 ip_update_source_selection(ill->ill_ipst); 14839 14840 if (!loopback && ipif->ipif_addr_ready) { 14841 /* Broadcast an address mask reply. */ 14842 ipif_mask_reply(ipif); 14843 } 14844 /* Perhaps ilgs should use this ill */ 14845 update_conn_ill(NULL, ill->ill_ipst); 14846 14847 /* 14848 * This had to be deferred until we had bound. Tell routing sockets and 14849 * others that this interface is up if it looks like the address has 14850 * been validated. Otherwise, if it isn't ready yet, wait for 14851 * duplicate address detection to do its thing. 14852 */ 14853 if (ipif->ipif_addr_ready) 14854 ipif_up_notify(ipif); 14855 return (0); 14856 } 14857 14858 /* 14859 * Add the IREs associated with the ipif. 14860 * Those MUST be explicitly removed in ipif_delete_ires_v4. 14861 */ 14862 static int 14863 ipif_add_ires_v4(ipif_t *ipif, boolean_t loopback) 14864 { 14865 ill_t *ill = ipif->ipif_ill; 14866 ip_stack_t *ipst = ill->ill_ipst; 14867 ire_t *ire_array[20]; 14868 ire_t **irep = ire_array; 14869 ire_t **irep1; 14870 ipaddr_t net_mask = 0; 14871 ipaddr_t subnet_mask, route_mask; 14872 int err; 14873 ire_t *ire_local = NULL; /* LOCAL or LOOPBACK */ 14874 ire_t *ire_if = NULL; 14875 uchar_t *gw; 14876 14877 if ((ipif->ipif_lcl_addr != INADDR_ANY) && 14878 !(ipif->ipif_flags & IPIF_NOLOCAL)) { 14879 /* 14880 * If we're on a labeled system then make sure that zone- 14881 * private addresses have proper remote host database entries. 14882 */ 14883 if (is_system_labeled() && 14884 ipif->ipif_ire_type != IRE_LOOPBACK && 14885 !tsol_check_interface_address(ipif)) 14886 return (EINVAL); 14887 14888 /* Register the source address for __sin6_src_id */ 14889 err = ip_srcid_insert(&ipif->ipif_v6lcl_addr, 14890 ipif->ipif_zoneid, ipst); 14891 if (err != 0) { 14892 ip0dbg(("ipif_add_ires: srcid_insert %d\n", err)); 14893 return (err); 14894 } 14895 14896 if (loopback) 14897 gw = (uchar_t *)&ipif->ipif_lcl_addr; 14898 else 14899 gw = NULL; 14900 14901 /* If the interface address is set, create the local IRE. */ 14902 ire_local = ire_create( 14903 (uchar_t *)&ipif->ipif_lcl_addr, /* dest address */ 14904 (uchar_t *)&ip_g_all_ones, /* mask */ 14905 gw, /* gateway */ 14906 ipif->ipif_ire_type, /* LOCAL or LOOPBACK */ 14907 ipif->ipif_ill, 14908 ipif->ipif_zoneid, 14909 ((ipif->ipif_flags & IPIF_PRIVATE) ? 14910 RTF_PRIVATE : 0) | RTF_KERNEL, 14911 NULL, 14912 ipst); 14913 ip1dbg(("ipif_add_ires: 0x%p creating IRE %p type 0x%x" 14914 " for 0x%x\n", (void *)ipif, (void *)ire_local, 14915 ipif->ipif_ire_type, 14916 ntohl(ipif->ipif_lcl_addr))); 14917 if (ire_local == NULL) { 14918 ip1dbg(("ipif_up_done: NULL ire_local\n")); 14919 err = ENOMEM; 14920 goto bad; 14921 } 14922 } else { 14923 ip1dbg(( 14924 "ipif_add_ires: not creating IRE %d for 0x%x: flags 0x%x\n", 14925 ipif->ipif_ire_type, 14926 ntohl(ipif->ipif_lcl_addr), 14927 (uint_t)ipif->ipif_flags)); 14928 } 14929 if ((ipif->ipif_lcl_addr != INADDR_ANY) && 14930 !(ipif->ipif_flags & IPIF_NOLOCAL)) { 14931 net_mask = ip_net_mask(ipif->ipif_lcl_addr); 14932 } else { 14933 net_mask = htonl(IN_CLASSA_NET); /* fallback */ 14934 } 14935 14936 subnet_mask = ipif->ipif_net_mask; 14937 14938 /* 14939 * If mask was not specified, use natural netmask of 14940 * interface address. Also, store this mask back into the 14941 * ipif struct. 14942 */ 14943 if (subnet_mask == 0) { 14944 subnet_mask = net_mask; 14945 V4MASK_TO_V6(subnet_mask, ipif->ipif_v6net_mask); 14946 V6_MASK_COPY(ipif->ipif_v6lcl_addr, ipif->ipif_v6net_mask, 14947 ipif->ipif_v6subnet); 14948 } 14949 14950 /* Set up the IRE_IF_RESOLVER or IRE_IF_NORESOLVER, as appropriate. */ 14951 if (!loopback && !(ipif->ipif_flags & IPIF_NOXMIT) && 14952 ipif->ipif_subnet != INADDR_ANY) { 14953 /* ipif_subnet is ipif_pp_dst_addr for pt-pt */ 14954 14955 if (ipif->ipif_flags & IPIF_POINTOPOINT) { 14956 route_mask = IP_HOST_MASK; 14957 } else { 14958 route_mask = subnet_mask; 14959 } 14960 14961 ip1dbg(("ipif_add_ires: ipif 0x%p ill 0x%p " 14962 "creating if IRE ill_net_type 0x%x for 0x%x\n", 14963 (void *)ipif, (void *)ill, ill->ill_net_type, 14964 ntohl(ipif->ipif_subnet))); 14965 ire_if = ire_create( 14966 (uchar_t *)&ipif->ipif_subnet, 14967 (uchar_t *)&route_mask, 14968 (uchar_t *)&ipif->ipif_lcl_addr, 14969 ill->ill_net_type, 14970 ill, 14971 ipif->ipif_zoneid, 14972 ((ipif->ipif_flags & IPIF_PRIVATE) ? 14973 RTF_PRIVATE: 0) | RTF_KERNEL, 14974 NULL, 14975 ipst); 14976 if (ire_if == NULL) { 14977 ip1dbg(("ipif_up_done: NULL ire_if\n")); 14978 err = ENOMEM; 14979 goto bad; 14980 } 14981 } 14982 14983 /* 14984 * Create any necessary broadcast IREs. 14985 */ 14986 if ((ipif->ipif_flags & IPIF_BROADCAST) && 14987 !(ipif->ipif_flags & IPIF_NOXMIT)) 14988 irep = ipif_create_bcast_ires(ipif, irep); 14989 14990 /* If an earlier ire_create failed, get out now */ 14991 for (irep1 = irep; irep1 > ire_array; ) { 14992 irep1--; 14993 if (*irep1 == NULL) { 14994 ip1dbg(("ipif_up_done: NULL ire found in ire_array\n")); 14995 err = ENOMEM; 14996 goto bad; 14997 } 14998 } 14999 15000 /* 15001 * Need to atomically check for IP address availability under 15002 * ip_addr_avail_lock. ill_g_lock is held as reader to ensure no new 15003 * ills or new ipifs can be added while we are checking availability. 15004 */ 15005 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 15006 mutex_enter(&ipst->ips_ip_addr_avail_lock); 15007 /* Mark it up, and increment counters. */ 15008 ipif->ipif_flags |= IPIF_UP; 15009 ill->ill_ipif_up_count++; 15010 err = ip_addr_availability_check(ipif); 15011 mutex_exit(&ipst->ips_ip_addr_avail_lock); 15012 rw_exit(&ipst->ips_ill_g_lock); 15013 15014 if (err != 0) { 15015 /* 15016 * Our address may already be up on the same ill. In this case, 15017 * the ARP entry for our ipif replaced the one for the other 15018 * ipif. So we don't want to delete it (otherwise the other ipif 15019 * would be unable to send packets). 15020 * ip_addr_availability_check() identifies this case for us and 15021 * returns EADDRINUSE; Caller should turn it into EADDRNOTAVAIL 15022 * which is the expected error code. 15023 */ 15024 ill->ill_ipif_up_count--; 15025 ipif->ipif_flags &= ~IPIF_UP; 15026 goto bad; 15027 } 15028 15029 /* 15030 * Add in all newly created IREs. ire_create_bcast() has 15031 * already checked for duplicates of the IRE_BROADCAST type. 15032 * We add the IRE_INTERFACE before the IRE_LOCAL to ensure 15033 * that lookups find the IRE_LOCAL even if the IRE_INTERFACE is 15034 * a /32 route. 15035 */ 15036 if (ire_if != NULL) { 15037 ire_if = ire_add(ire_if); 15038 if (ire_if == NULL) { 15039 err = ENOMEM; 15040 goto bad2; 15041 } 15042 #ifdef DEBUG 15043 ire_refhold_notr(ire_if); 15044 ire_refrele(ire_if); 15045 #endif 15046 } 15047 if (ire_local != NULL) { 15048 ire_local = ire_add(ire_local); 15049 if (ire_local == NULL) { 15050 err = ENOMEM; 15051 goto bad2; 15052 } 15053 #ifdef DEBUG 15054 ire_refhold_notr(ire_local); 15055 ire_refrele(ire_local); 15056 #endif 15057 } 15058 rw_enter(&ipst->ips_ill_g_lock, RW_WRITER); 15059 if (ire_local != NULL) 15060 ipif->ipif_ire_local = ire_local; 15061 if (ire_if != NULL) 15062 ipif->ipif_ire_if = ire_if; 15063 rw_exit(&ipst->ips_ill_g_lock); 15064 ire_local = NULL; 15065 ire_if = NULL; 15066 15067 /* 15068 * We first add all of them, and if that succeeds we refrele the 15069 * bunch. That enables us to delete all of them should any of the 15070 * ire_adds fail. 15071 */ 15072 for (irep1 = irep; irep1 > ire_array; ) { 15073 irep1--; 15074 ASSERT(!MUTEX_HELD(&((*irep1)->ire_ill->ill_lock))); 15075 *irep1 = ire_add(*irep1); 15076 if (*irep1 == NULL) { 15077 err = ENOMEM; 15078 goto bad2; 15079 } 15080 } 15081 15082 for (irep1 = irep; irep1 > ire_array; ) { 15083 irep1--; 15084 /* refheld by ire_add. */ 15085 if (*irep1 != NULL) { 15086 ire_refrele(*irep1); 15087 *irep1 = NULL; 15088 } 15089 } 15090 15091 if (!loopback) { 15092 /* 15093 * If the broadcast address has been set, make sure it makes 15094 * sense based on the interface address. 15095 * Only match on ill since we are sharing broadcast addresses. 15096 */ 15097 if ((ipif->ipif_brd_addr != INADDR_ANY) && 15098 (ipif->ipif_flags & IPIF_BROADCAST)) { 15099 ire_t *ire; 15100 15101 ire = ire_ftable_lookup_v4(ipif->ipif_brd_addr, 0, 0, 15102 IRE_BROADCAST, ipif->ipif_ill, ALL_ZONES, NULL, 15103 (MATCH_IRE_TYPE | MATCH_IRE_ILL), 0, ipst, NULL); 15104 15105 if (ire == NULL) { 15106 /* 15107 * If there isn't a matching broadcast IRE, 15108 * revert to the default for this netmask. 15109 */ 15110 ipif->ipif_v6brd_addr = ipv6_all_zeros; 15111 mutex_enter(&ipif->ipif_ill->ill_lock); 15112 ipif_set_default(ipif); 15113 mutex_exit(&ipif->ipif_ill->ill_lock); 15114 } else { 15115 ire_refrele(ire); 15116 } 15117 } 15118 15119 } 15120 return (0); 15121 15122 bad2: 15123 ill->ill_ipif_up_count--; 15124 ipif->ipif_flags &= ~IPIF_UP; 15125 15126 bad: 15127 ip1dbg(("ipif_add_ires: FAILED \n")); 15128 if (ire_local != NULL) 15129 ire_delete(ire_local); 15130 if (ire_if != NULL) 15131 ire_delete(ire_if); 15132 15133 rw_enter(&ipst->ips_ill_g_lock, RW_WRITER); 15134 ire_local = ipif->ipif_ire_local; 15135 ipif->ipif_ire_local = NULL; 15136 ire_if = ipif->ipif_ire_if; 15137 ipif->ipif_ire_if = NULL; 15138 rw_exit(&ipst->ips_ill_g_lock); 15139 if (ire_local != NULL) { 15140 ire_delete(ire_local); 15141 ire_refrele_notr(ire_local); 15142 } 15143 if (ire_if != NULL) { 15144 ire_delete(ire_if); 15145 ire_refrele_notr(ire_if); 15146 } 15147 15148 while (irep > ire_array) { 15149 irep--; 15150 if (*irep != NULL) { 15151 ire_delete(*irep); 15152 } 15153 } 15154 (void) ip_srcid_remove(&ipif->ipif_v6lcl_addr, ipif->ipif_zoneid, ipst); 15155 15156 return (err); 15157 } 15158 15159 /* Remove all the IREs created by ipif_add_ires_v4 */ 15160 void 15161 ipif_delete_ires_v4(ipif_t *ipif) 15162 { 15163 ill_t *ill = ipif->ipif_ill; 15164 ip_stack_t *ipst = ill->ill_ipst; 15165 ire_t *ire; 15166 15167 rw_enter(&ipst->ips_ill_g_lock, RW_WRITER); 15168 ire = ipif->ipif_ire_local; 15169 ipif->ipif_ire_local = NULL; 15170 rw_exit(&ipst->ips_ill_g_lock); 15171 if (ire != NULL) { 15172 /* 15173 * Move count to ipif so we don't loose the count due to 15174 * a down/up dance. 15175 */ 15176 atomic_add_32(&ipif->ipif_ib_pkt_count, ire->ire_ib_pkt_count); 15177 15178 ire_delete(ire); 15179 ire_refrele_notr(ire); 15180 } 15181 rw_enter(&ipst->ips_ill_g_lock, RW_WRITER); 15182 ire = ipif->ipif_ire_if; 15183 ipif->ipif_ire_if = NULL; 15184 rw_exit(&ipst->ips_ill_g_lock); 15185 if (ire != NULL) { 15186 ire_delete(ire); 15187 ire_refrele_notr(ire); 15188 } 15189 15190 /* 15191 * Delete the broadcast IREs. 15192 */ 15193 if ((ipif->ipif_flags & IPIF_BROADCAST) && 15194 !(ipif->ipif_flags & IPIF_NOXMIT)) 15195 ipif_delete_bcast_ires(ipif); 15196 } 15197 15198 /* 15199 * Checks for availbility of a usable source address (if there is one) when the 15200 * destination ILL has the ill_usesrc_ifindex pointing to another ILL. Note 15201 * this selection is done regardless of the destination. 15202 */ 15203 boolean_t 15204 ipif_zone_avail(uint_t ifindex, boolean_t isv6, zoneid_t zoneid, 15205 ip_stack_t *ipst) 15206 { 15207 ipif_t *ipif = NULL; 15208 ill_t *uill; 15209 15210 ASSERT(ifindex != 0); 15211 15212 uill = ill_lookup_on_ifindex(ifindex, isv6, ipst); 15213 if (uill == NULL) 15214 return (B_FALSE); 15215 15216 mutex_enter(&uill->ill_lock); 15217 for (ipif = uill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 15218 if (IPIF_IS_CONDEMNED(ipif)) 15219 continue; 15220 if (ipif->ipif_flags & (IPIF_NOLOCAL|IPIF_ANYCAST)) 15221 continue; 15222 if (!(ipif->ipif_flags & IPIF_UP)) 15223 continue; 15224 if (ipif->ipif_zoneid != zoneid) 15225 continue; 15226 if (isv6 ? IN6_IS_ADDR_UNSPECIFIED(&ipif->ipif_v6lcl_addr) : 15227 ipif->ipif_lcl_addr == INADDR_ANY) 15228 continue; 15229 mutex_exit(&uill->ill_lock); 15230 ill_refrele(uill); 15231 return (B_TRUE); 15232 } 15233 mutex_exit(&uill->ill_lock); 15234 ill_refrele(uill); 15235 return (B_FALSE); 15236 } 15237 15238 /* 15239 * Find an ipif with a good local address on the ill+zoneid. 15240 */ 15241 ipif_t * 15242 ipif_good_addr(ill_t *ill, zoneid_t zoneid) 15243 { 15244 ipif_t *ipif; 15245 15246 mutex_enter(&ill->ill_lock); 15247 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 15248 if (IPIF_IS_CONDEMNED(ipif)) 15249 continue; 15250 if (ipif->ipif_flags & (IPIF_NOLOCAL|IPIF_ANYCAST)) 15251 continue; 15252 if (!(ipif->ipif_flags & IPIF_UP)) 15253 continue; 15254 if (ipif->ipif_zoneid != zoneid && 15255 ipif->ipif_zoneid != ALL_ZONES && zoneid != ALL_ZONES) 15256 continue; 15257 if (ill->ill_isv6 ? 15258 IN6_IS_ADDR_UNSPECIFIED(&ipif->ipif_v6lcl_addr) : 15259 ipif->ipif_lcl_addr == INADDR_ANY) 15260 continue; 15261 ipif_refhold_locked(ipif); 15262 mutex_exit(&ill->ill_lock); 15263 return (ipif); 15264 } 15265 mutex_exit(&ill->ill_lock); 15266 return (NULL); 15267 } 15268 15269 /* 15270 * IP source address type, sorted from worst to best. For a given type, 15271 * always prefer IP addresses on the same subnet. All-zones addresses are 15272 * suboptimal because they pose problems with unlabeled destinations. 15273 */ 15274 typedef enum { 15275 IPIF_NONE, 15276 IPIF_DIFFNET_DEPRECATED, /* deprecated and different subnet */ 15277 IPIF_SAMENET_DEPRECATED, /* deprecated and same subnet */ 15278 IPIF_DIFFNET_ALLZONES, /* allzones and different subnet */ 15279 IPIF_SAMENET_ALLZONES, /* allzones and same subnet */ 15280 IPIF_DIFFNET, /* normal and different subnet */ 15281 IPIF_SAMENET, /* normal and same subnet */ 15282 IPIF_LOCALADDR /* local loopback */ 15283 } ipif_type_t; 15284 15285 /* 15286 * Pick the optimal ipif on `ill' for sending to destination `dst' from zone 15287 * `zoneid'. We rate usable ipifs from low -> high as per the ipif_type_t 15288 * enumeration, and return the highest-rated ipif. If there's a tie, we pick 15289 * the first one, unless IPMP is used in which case we round-robin among them; 15290 * see below for more. 15291 * 15292 * Returns NULL if there is no suitable source address for the ill. 15293 * This only occurs when there is no valid source address for the ill. 15294 */ 15295 ipif_t * 15296 ipif_select_source_v4(ill_t *ill, ipaddr_t dst, zoneid_t zoneid, 15297 boolean_t allow_usesrc, boolean_t *notreadyp) 15298 { 15299 ill_t *usill = NULL; 15300 ill_t *ipmp_ill = NULL; 15301 ipif_t *start_ipif, *next_ipif, *ipif, *best_ipif; 15302 ipif_type_t type, best_type; 15303 tsol_tpc_t *src_rhtp, *dst_rhtp; 15304 ip_stack_t *ipst = ill->ill_ipst; 15305 boolean_t samenet; 15306 15307 if (ill->ill_usesrc_ifindex != 0 && allow_usesrc) { 15308 usill = ill_lookup_on_ifindex(ill->ill_usesrc_ifindex, 15309 B_FALSE, ipst); 15310 if (usill != NULL) 15311 ill = usill; /* Select source from usesrc ILL */ 15312 else 15313 return (NULL); 15314 } 15315 15316 /* 15317 * Test addresses should never be used for source address selection, 15318 * so if we were passed one, switch to the IPMP meta-interface. 15319 */ 15320 if (IS_UNDER_IPMP(ill)) { 15321 if ((ipmp_ill = ipmp_ill_hold_ipmp_ill(ill)) != NULL) 15322 ill = ipmp_ill; /* Select source from IPMP ill */ 15323 else 15324 return (NULL); 15325 } 15326 15327 /* 15328 * If we're dealing with an unlabeled destination on a labeled system, 15329 * make sure that we ignore source addresses that are incompatible with 15330 * the destination's default label. That destination's default label 15331 * must dominate the minimum label on the source address. 15332 */ 15333 dst_rhtp = NULL; 15334 if (is_system_labeled()) { 15335 dst_rhtp = find_tpc(&dst, IPV4_VERSION, B_FALSE); 15336 if (dst_rhtp == NULL) 15337 return (NULL); 15338 if (dst_rhtp->tpc_tp.host_type != UNLABELED) { 15339 TPC_RELE(dst_rhtp); 15340 dst_rhtp = NULL; 15341 } 15342 } 15343 15344 /* 15345 * Hold the ill_g_lock as reader. This makes sure that no ipif/ill 15346 * can be deleted. But an ipif/ill can get CONDEMNED any time. 15347 * After selecting the right ipif, under ill_lock make sure ipif is 15348 * not condemned, and increment refcnt. If ipif is CONDEMNED, 15349 * we retry. Inside the loop we still need to check for CONDEMNED, 15350 * but not under a lock. 15351 */ 15352 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 15353 retry: 15354 /* 15355 * For source address selection, we treat the ipif list as circular 15356 * and continue until we get back to where we started. This allows 15357 * IPMP to vary source address selection (which improves inbound load 15358 * spreading) by caching its last ending point and starting from 15359 * there. NOTE: we don't have to worry about ill_src_ipif changing 15360 * ills since that can't happen on the IPMP ill. 15361 */ 15362 start_ipif = ill->ill_ipif; 15363 if (IS_IPMP(ill) && ill->ill_src_ipif != NULL) 15364 start_ipif = ill->ill_src_ipif; 15365 15366 ipif = start_ipif; 15367 best_ipif = NULL; 15368 best_type = IPIF_NONE; 15369 do { 15370 if ((next_ipif = ipif->ipif_next) == NULL) 15371 next_ipif = ill->ill_ipif; 15372 15373 if (IPIF_IS_CONDEMNED(ipif)) 15374 continue; 15375 /* Always skip NOLOCAL and ANYCAST interfaces */ 15376 if (ipif->ipif_flags & (IPIF_NOLOCAL|IPIF_ANYCAST)) 15377 continue; 15378 /* Always skip NOACCEPT interfaces */ 15379 if (ipif->ipif_ill->ill_flags & ILLF_NOACCEPT) 15380 continue; 15381 if (!(ipif->ipif_flags & IPIF_UP)) 15382 continue; 15383 15384 if (!ipif->ipif_addr_ready) { 15385 if (notreadyp != NULL) 15386 *notreadyp = B_TRUE; 15387 continue; 15388 } 15389 15390 if (zoneid != ALL_ZONES && 15391 ipif->ipif_zoneid != zoneid && 15392 ipif->ipif_zoneid != ALL_ZONES) 15393 continue; 15394 15395 /* 15396 * Interfaces with 0.0.0.0 address are allowed to be UP, but 15397 * are not valid as source addresses. 15398 */ 15399 if (ipif->ipif_lcl_addr == INADDR_ANY) 15400 continue; 15401 15402 /* 15403 * Check compatibility of local address for destination's 15404 * default label if we're on a labeled system. Incompatible 15405 * addresses can't be used at all. 15406 */ 15407 if (dst_rhtp != NULL) { 15408 boolean_t incompat; 15409 15410 src_rhtp = find_tpc(&ipif->ipif_lcl_addr, 15411 IPV4_VERSION, B_FALSE); 15412 if (src_rhtp == NULL) 15413 continue; 15414 incompat = src_rhtp->tpc_tp.host_type != SUN_CIPSO || 15415 src_rhtp->tpc_tp.tp_doi != 15416 dst_rhtp->tpc_tp.tp_doi || 15417 (!_blinrange(&dst_rhtp->tpc_tp.tp_def_label, 15418 &src_rhtp->tpc_tp.tp_sl_range_cipso) && 15419 !blinlset(&dst_rhtp->tpc_tp.tp_def_label, 15420 src_rhtp->tpc_tp.tp_sl_set_cipso)); 15421 TPC_RELE(src_rhtp); 15422 if (incompat) 15423 continue; 15424 } 15425 15426 samenet = ((ipif->ipif_net_mask & dst) == ipif->ipif_subnet); 15427 15428 if (ipif->ipif_lcl_addr == dst) { 15429 type = IPIF_LOCALADDR; 15430 } else if (ipif->ipif_flags & IPIF_DEPRECATED) { 15431 type = samenet ? IPIF_SAMENET_DEPRECATED : 15432 IPIF_DIFFNET_DEPRECATED; 15433 } else if (ipif->ipif_zoneid == ALL_ZONES) { 15434 type = samenet ? IPIF_SAMENET_ALLZONES : 15435 IPIF_DIFFNET_ALLZONES; 15436 } else { 15437 type = samenet ? IPIF_SAMENET : IPIF_DIFFNET; 15438 } 15439 15440 if (type > best_type) { 15441 best_type = type; 15442 best_ipif = ipif; 15443 if (best_type == IPIF_LOCALADDR) 15444 break; /* can't get better */ 15445 } 15446 } while ((ipif = next_ipif) != start_ipif); 15447 15448 if ((ipif = best_ipif) != NULL) { 15449 mutex_enter(&ipif->ipif_ill->ill_lock); 15450 if (IPIF_IS_CONDEMNED(ipif)) { 15451 mutex_exit(&ipif->ipif_ill->ill_lock); 15452 goto retry; 15453 } 15454 ipif_refhold_locked(ipif); 15455 15456 /* 15457 * For IPMP, update the source ipif rotor to the next ipif, 15458 * provided we can look it up. (We must not use it if it's 15459 * IPIF_CONDEMNED since we may have grabbed ill_g_lock after 15460 * ipif_free() checked ill_src_ipif.) 15461 */ 15462 if (IS_IPMP(ill) && ipif != NULL) { 15463 next_ipif = ipif->ipif_next; 15464 if (next_ipif != NULL && !IPIF_IS_CONDEMNED(next_ipif)) 15465 ill->ill_src_ipif = next_ipif; 15466 else 15467 ill->ill_src_ipif = NULL; 15468 } 15469 mutex_exit(&ipif->ipif_ill->ill_lock); 15470 } 15471 15472 rw_exit(&ipst->ips_ill_g_lock); 15473 if (usill != NULL) 15474 ill_refrele(usill); 15475 if (ipmp_ill != NULL) 15476 ill_refrele(ipmp_ill); 15477 if (dst_rhtp != NULL) 15478 TPC_RELE(dst_rhtp); 15479 15480 #ifdef DEBUG 15481 if (ipif == NULL) { 15482 char buf1[INET6_ADDRSTRLEN]; 15483 15484 ip1dbg(("ipif_select_source_v4(%s, %s) -> NULL\n", 15485 ill->ill_name, 15486 inet_ntop(AF_INET, &dst, buf1, sizeof (buf1)))); 15487 } else { 15488 char buf1[INET6_ADDRSTRLEN]; 15489 char buf2[INET6_ADDRSTRLEN]; 15490 15491 ip1dbg(("ipif_select_source_v4(%s, %s) -> %s\n", 15492 ipif->ipif_ill->ill_name, 15493 inet_ntop(AF_INET, &dst, buf1, sizeof (buf1)), 15494 inet_ntop(AF_INET, &ipif->ipif_lcl_addr, 15495 buf2, sizeof (buf2)))); 15496 } 15497 #endif /* DEBUG */ 15498 return (ipif); 15499 } 15500 15501 /* 15502 * Pick a source address based on the destination ill and an optional setsrc 15503 * address. 15504 * The result is stored in srcp. If generation is set, then put the source 15505 * generation number there before we look for the source address (to avoid 15506 * missing changes in the set of source addresses. 15507 * If flagsp is set, then us it to pass back ipif_flags. 15508 * 15509 * If the caller wants to cache the returned source address and detect when 15510 * that might be stale, the caller should pass in a generation argument, 15511 * which the caller can later compare against ips_src_generation 15512 * 15513 * The precedence order for selecting an IPv4 source address is: 15514 * - RTF_SETSRC on the offlink ire always wins. 15515 * - If usrsrc is set, swap the ill to be the usesrc one. 15516 * - If IPMP is used on the ill, select a random address from the most 15517 * preferred ones below: 15518 * 1. If onlink destination, same subnet and not deprecated, not ALL_ZONES 15519 * 2. Not deprecated, not ALL_ZONES 15520 * 3. If onlink destination, same subnet and not deprecated, ALL_ZONES 15521 * 4. Not deprecated, ALL_ZONES 15522 * 5. If onlink destination, same subnet and deprecated 15523 * 6. Deprecated. 15524 * 15525 * We have lower preference for ALL_ZONES IP addresses, 15526 * as they pose problems with unlabeled destinations. 15527 * 15528 * Note that when multiple IP addresses match e.g., #1 we pick 15529 * the first one if IPMP is not in use. With IPMP we randomize. 15530 */ 15531 int 15532 ip_select_source_v4(ill_t *ill, ipaddr_t setsrc, ipaddr_t dst, 15533 ipaddr_t multicast_ifaddr, 15534 zoneid_t zoneid, ip_stack_t *ipst, ipaddr_t *srcp, 15535 uint32_t *generation, uint64_t *flagsp) 15536 { 15537 ipif_t *ipif; 15538 boolean_t notready = B_FALSE; /* Set if !ipif_addr_ready found */ 15539 15540 if (flagsp != NULL) 15541 *flagsp = 0; 15542 15543 /* 15544 * Need to grab the generation number before we check to 15545 * avoid a race with a change to the set of local addresses. 15546 * No lock needed since the thread which updates the set of local 15547 * addresses use ipif/ill locks and exit those (hence a store memory 15548 * barrier) before doing the atomic increase of ips_src_generation. 15549 */ 15550 if (generation != NULL) { 15551 *generation = ipst->ips_src_generation; 15552 } 15553 15554 if (CLASSD(dst) && multicast_ifaddr != INADDR_ANY) { 15555 *srcp = multicast_ifaddr; 15556 return (0); 15557 } 15558 15559 /* Was RTF_SETSRC set on the first IRE in the recursive lookup? */ 15560 if (setsrc != INADDR_ANY) { 15561 *srcp = setsrc; 15562 return (0); 15563 } 15564 ipif = ipif_select_source_v4(ill, dst, zoneid, B_TRUE, ¬ready); 15565 if (ipif == NULL) { 15566 if (notready) 15567 return (ENETDOWN); 15568 else 15569 return (EADDRNOTAVAIL); 15570 } 15571 *srcp = ipif->ipif_lcl_addr; 15572 if (flagsp != NULL) 15573 *flagsp = ipif->ipif_flags; 15574 ipif_refrele(ipif); 15575 return (0); 15576 } 15577 15578 /* ARGSUSED */ 15579 int 15580 if_unitsel_restart(ipif_t *ipif, sin_t *dummy_sin, queue_t *q, mblk_t *mp, 15581 ip_ioctl_cmd_t *ipip, void *dummy_ifreq) 15582 { 15583 /* 15584 * ill_phyint_reinit merged the v4 and v6 into a single 15585 * ipsq. We might not have been able to complete the 15586 * operation in ipif_set_values, if we could not become 15587 * exclusive. If so restart it here. 15588 */ 15589 return (ipif_set_values_tail(ipif->ipif_ill, ipif, mp, q)); 15590 } 15591 15592 /* 15593 * Can operate on either a module or a driver queue. 15594 * Returns an error if not a module queue. 15595 */ 15596 /* ARGSUSED */ 15597 int 15598 if_unitsel(ipif_t *dummy_ipif, sin_t *dummy_sin, queue_t *q, mblk_t *mp, 15599 ip_ioctl_cmd_t *ipip, void *dummy_ifreq) 15600 { 15601 queue_t *q1 = q; 15602 char *cp; 15603 char interf_name[LIFNAMSIZ]; 15604 uint_t ppa = *(uint_t *)mp->b_cont->b_cont->b_rptr; 15605 15606 if (q->q_next == NULL) { 15607 ip1dbg(( 15608 "if_unitsel: IF_UNITSEL: no q_next\n")); 15609 return (EINVAL); 15610 } 15611 15612 if (((ill_t *)(q->q_ptr))->ill_name[0] != '\0') 15613 return (EALREADY); 15614 15615 do { 15616 q1 = q1->q_next; 15617 } while (q1->q_next); 15618 cp = q1->q_qinfo->qi_minfo->mi_idname; 15619 (void) sprintf(interf_name, "%s%d", cp, ppa); 15620 15621 /* 15622 * Here we are not going to delay the ioack until after 15623 * ACKs from DL_ATTACH_REQ/DL_BIND_REQ. So no need to save the 15624 * original ioctl message before sending the requests. 15625 */ 15626 return (ipif_set_values(q, mp, interf_name, &ppa)); 15627 } 15628 15629 /* ARGSUSED */ 15630 int 15631 ip_sioctl_sifname(ipif_t *dummy_ipif, sin_t *dummy_sin, queue_t *q, mblk_t *mp, 15632 ip_ioctl_cmd_t *ipip, void *dummy_ifreq) 15633 { 15634 return (ENXIO); 15635 } 15636 15637 /* 15638 * Create any IRE_BROADCAST entries for `ipif', and store those entries in 15639 * `irep'. Returns a pointer to the next free `irep' entry 15640 * A mirror exists in ipif_delete_bcast_ires(). 15641 * 15642 * The management of any "extra" or seemingly duplicate IRE_BROADCASTs is 15643 * done in ire_add. 15644 */ 15645 static ire_t ** 15646 ipif_create_bcast_ires(ipif_t *ipif, ire_t **irep) 15647 { 15648 ipaddr_t addr; 15649 ipaddr_t netmask = ip_net_mask(ipif->ipif_lcl_addr); 15650 ipaddr_t subnetmask = ipif->ipif_net_mask; 15651 ill_t *ill = ipif->ipif_ill; 15652 zoneid_t zoneid = ipif->ipif_zoneid; 15653 15654 ip1dbg(("ipif_create_bcast_ires: creating broadcast IREs\n")); 15655 15656 ASSERT(ipif->ipif_flags & IPIF_BROADCAST); 15657 ASSERT(!(ipif->ipif_flags & IPIF_NOXMIT)); 15658 15659 if (ipif->ipif_lcl_addr == INADDR_ANY || 15660 (ipif->ipif_flags & IPIF_NOLOCAL)) 15661 netmask = htonl(IN_CLASSA_NET); /* fallback */ 15662 15663 irep = ire_create_bcast(ill, 0, zoneid, irep); 15664 irep = ire_create_bcast(ill, INADDR_BROADCAST, zoneid, irep); 15665 15666 /* 15667 * For backward compatibility, we create net broadcast IREs based on 15668 * the old "IP address class system", since some old machines only 15669 * respond to these class derived net broadcast. However, we must not 15670 * create these net broadcast IREs if the subnetmask is shorter than 15671 * the IP address class based derived netmask. Otherwise, we may 15672 * create a net broadcast address which is the same as an IP address 15673 * on the subnet -- and then TCP will refuse to talk to that address. 15674 */ 15675 if (netmask < subnetmask) { 15676 addr = netmask & ipif->ipif_subnet; 15677 irep = ire_create_bcast(ill, addr, zoneid, irep); 15678 irep = ire_create_bcast(ill, ~netmask | addr, zoneid, irep); 15679 } 15680 15681 /* 15682 * Don't create IRE_BROADCAST IREs for the interface if the subnetmask 15683 * is 0xFFFFFFFF, as an IRE_LOCAL for that interface is already 15684 * created. Creating these broadcast IREs will only create confusion 15685 * as `addr' will be the same as the IP address. 15686 */ 15687 if (subnetmask != 0xFFFFFFFF) { 15688 addr = ipif->ipif_subnet; 15689 irep = ire_create_bcast(ill, addr, zoneid, irep); 15690 irep = ire_create_bcast(ill, ~subnetmask | addr, zoneid, irep); 15691 } 15692 15693 return (irep); 15694 } 15695 15696 /* 15697 * Mirror of ipif_create_bcast_ires() 15698 */ 15699 static void 15700 ipif_delete_bcast_ires(ipif_t *ipif) 15701 { 15702 ipaddr_t addr; 15703 ipaddr_t netmask = ip_net_mask(ipif->ipif_lcl_addr); 15704 ipaddr_t subnetmask = ipif->ipif_net_mask; 15705 ill_t *ill = ipif->ipif_ill; 15706 zoneid_t zoneid = ipif->ipif_zoneid; 15707 ire_t *ire; 15708 15709 ASSERT(ipif->ipif_flags & IPIF_BROADCAST); 15710 ASSERT(!(ipif->ipif_flags & IPIF_NOXMIT)); 15711 15712 if (ipif->ipif_lcl_addr == INADDR_ANY || 15713 (ipif->ipif_flags & IPIF_NOLOCAL)) 15714 netmask = htonl(IN_CLASSA_NET); /* fallback */ 15715 15716 ire = ire_lookup_bcast(ill, 0, zoneid); 15717 ASSERT(ire != NULL); 15718 ire_delete(ire); ire_refrele(ire); 15719 ire = ire_lookup_bcast(ill, INADDR_BROADCAST, zoneid); 15720 ASSERT(ire != NULL); 15721 ire_delete(ire); ire_refrele(ire); 15722 15723 /* 15724 * For backward compatibility, we create net broadcast IREs based on 15725 * the old "IP address class system", since some old machines only 15726 * respond to these class derived net broadcast. However, we must not 15727 * create these net broadcast IREs if the subnetmask is shorter than 15728 * the IP address class based derived netmask. Otherwise, we may 15729 * create a net broadcast address which is the same as an IP address 15730 * on the subnet -- and then TCP will refuse to talk to that address. 15731 */ 15732 if (netmask < subnetmask) { 15733 addr = netmask & ipif->ipif_subnet; 15734 ire = ire_lookup_bcast(ill, addr, zoneid); 15735 ASSERT(ire != NULL); 15736 ire_delete(ire); ire_refrele(ire); 15737 ire = ire_lookup_bcast(ill, ~netmask | addr, zoneid); 15738 ASSERT(ire != NULL); 15739 ire_delete(ire); ire_refrele(ire); 15740 } 15741 15742 /* 15743 * Don't create IRE_BROADCAST IREs for the interface if the subnetmask 15744 * is 0xFFFFFFFF, as an IRE_LOCAL for that interface is already 15745 * created. Creating these broadcast IREs will only create confusion 15746 * as `addr' will be the same as the IP address. 15747 */ 15748 if (subnetmask != 0xFFFFFFFF) { 15749 addr = ipif->ipif_subnet; 15750 ire = ire_lookup_bcast(ill, addr, zoneid); 15751 ASSERT(ire != NULL); 15752 ire_delete(ire); ire_refrele(ire); 15753 ire = ire_lookup_bcast(ill, ~subnetmask | addr, zoneid); 15754 ASSERT(ire != NULL); 15755 ire_delete(ire); ire_refrele(ire); 15756 } 15757 } 15758 15759 /* 15760 * Extract both the flags (including IFF_CANTCHANGE) such as IFF_IPV* 15761 * from lifr_flags and the name from lifr_name. 15762 * Set IFF_IPV* and ill_isv6 prior to doing the lookup 15763 * since ipif_lookup_on_name uses the _isv6 flags when matching. 15764 * Returns EINPROGRESS when mp has been consumed by queueing it on 15765 * ipx_pending_mp and the ioctl will complete in ip_rput. 15766 * 15767 * Can operate on either a module or a driver queue. 15768 * Returns an error if not a module queue. 15769 */ 15770 /* ARGSUSED */ 15771 int 15772 ip_sioctl_slifname(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 15773 ip_ioctl_cmd_t *ipip, void *if_req) 15774 { 15775 ill_t *ill = q->q_ptr; 15776 phyint_t *phyi; 15777 ip_stack_t *ipst; 15778 struct lifreq *lifr = if_req; 15779 uint64_t new_flags; 15780 15781 ASSERT(ipif != NULL); 15782 ip1dbg(("ip_sioctl_slifname %s\n", lifr->lifr_name)); 15783 15784 if (q->q_next == NULL) { 15785 ip1dbg(("if_sioctl_slifname: SIOCSLIFNAME: no q_next\n")); 15786 return (EINVAL); 15787 } 15788 15789 /* 15790 * If we are not writer on 'q' then this interface exists already 15791 * and previous lookups (ip_extract_lifreq()) found this ipif -- 15792 * so return EALREADY. 15793 */ 15794 if (ill != ipif->ipif_ill) 15795 return (EALREADY); 15796 15797 if (ill->ill_name[0] != '\0') 15798 return (EALREADY); 15799 15800 /* 15801 * If there's another ill already with the requested name, ensure 15802 * that it's of the same type. Otherwise, ill_phyint_reinit() will 15803 * fuse together two unrelated ills, which will cause chaos. 15804 */ 15805 ipst = ill->ill_ipst; 15806 phyi = avl_find(&ipst->ips_phyint_g_list->phyint_list_avl_by_name, 15807 lifr->lifr_name, NULL); 15808 if (phyi != NULL) { 15809 ill_t *ill_mate = phyi->phyint_illv4; 15810 15811 if (ill_mate == NULL) 15812 ill_mate = phyi->phyint_illv6; 15813 ASSERT(ill_mate != NULL); 15814 15815 if (ill_mate->ill_media->ip_m_mac_type != 15816 ill->ill_media->ip_m_mac_type) { 15817 ip1dbg(("if_sioctl_slifname: SIOCSLIFNAME: attempt to " 15818 "use the same ill name on differing media\n")); 15819 return (EINVAL); 15820 } 15821 } 15822 15823 /* 15824 * We start off as IFF_IPV4 in ipif_allocate and become 15825 * IFF_IPV4 or IFF_IPV6 here depending on lifr_flags value. 15826 * The only flags that we read from user space are IFF_IPV4, 15827 * IFF_IPV6, and IFF_BROADCAST. 15828 * 15829 * This ill has not been inserted into the global list. 15830 * So we are still single threaded and don't need any lock 15831 * 15832 * Saniy check the flags. 15833 */ 15834 15835 if ((lifr->lifr_flags & IFF_BROADCAST) && 15836 ((lifr->lifr_flags & IFF_IPV6) || 15837 (!ill->ill_needs_attach && ill->ill_bcast_addr_length == 0))) { 15838 ip1dbg(("ip_sioctl_slifname: link not broadcast capable " 15839 "or IPv6 i.e., no broadcast \n")); 15840 return (EINVAL); 15841 } 15842 15843 new_flags = 15844 lifr->lifr_flags & (IFF_IPV6|IFF_IPV4|IFF_BROADCAST); 15845 15846 if ((new_flags ^ (IFF_IPV6|IFF_IPV4)) == 0) { 15847 ip1dbg(("ip_sioctl_slifname: flags must be exactly one of " 15848 "IFF_IPV4 or IFF_IPV6\n")); 15849 return (EINVAL); 15850 } 15851 15852 /* 15853 * We always start off as IPv4, so only need to check for IPv6. 15854 */ 15855 if ((new_flags & IFF_IPV6) != 0) { 15856 ill->ill_flags |= ILLF_IPV6; 15857 ill->ill_flags &= ~ILLF_IPV4; 15858 15859 if (lifr->lifr_flags & IFF_NOLINKLOCAL) 15860 ill->ill_flags |= ILLF_NOLINKLOCAL; 15861 } 15862 15863 if ((new_flags & IFF_BROADCAST) != 0) 15864 ipif->ipif_flags |= IPIF_BROADCAST; 15865 else 15866 ipif->ipif_flags &= ~IPIF_BROADCAST; 15867 15868 /* We started off as V4. */ 15869 if (ill->ill_flags & ILLF_IPV6) { 15870 ill->ill_phyint->phyint_illv6 = ill; 15871 ill->ill_phyint->phyint_illv4 = NULL; 15872 } 15873 15874 return (ipif_set_values(q, mp, lifr->lifr_name, &lifr->lifr_ppa)); 15875 } 15876 15877 /* ARGSUSED */ 15878 int 15879 ip_sioctl_slifname_restart(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 15880 ip_ioctl_cmd_t *ipip, void *if_req) 15881 { 15882 /* 15883 * ill_phyint_reinit merged the v4 and v6 into a single 15884 * ipsq. We might not have been able to complete the 15885 * slifname in ipif_set_values, if we could not become 15886 * exclusive. If so restart it here 15887 */ 15888 return (ipif_set_values_tail(ipif->ipif_ill, ipif, mp, q)); 15889 } 15890 15891 /* 15892 * Return a pointer to the ipif which matches the index, IP version type and 15893 * zoneid. 15894 */ 15895 ipif_t * 15896 ipif_lookup_on_ifindex(uint_t index, boolean_t isv6, zoneid_t zoneid, 15897 ip_stack_t *ipst) 15898 { 15899 ill_t *ill; 15900 ipif_t *ipif = NULL; 15901 15902 ill = ill_lookup_on_ifindex(index, isv6, ipst); 15903 if (ill != NULL) { 15904 mutex_enter(&ill->ill_lock); 15905 for (ipif = ill->ill_ipif; ipif != NULL; 15906 ipif = ipif->ipif_next) { 15907 if (!IPIF_IS_CONDEMNED(ipif) && (zoneid == ALL_ZONES || 15908 zoneid == ipif->ipif_zoneid || 15909 ipif->ipif_zoneid == ALL_ZONES)) { 15910 ipif_refhold_locked(ipif); 15911 break; 15912 } 15913 } 15914 mutex_exit(&ill->ill_lock); 15915 ill_refrele(ill); 15916 } 15917 return (ipif); 15918 } 15919 15920 /* 15921 * Change an existing physical interface's index. If the new index 15922 * is acceptable we update the index and the phyint_list_avl_by_index tree. 15923 * Finally, we update other systems which may have a dependence on the 15924 * index value. 15925 */ 15926 /* ARGSUSED */ 15927 int 15928 ip_sioctl_slifindex(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 15929 ip_ioctl_cmd_t *ipip, void *ifreq) 15930 { 15931 ill_t *ill; 15932 phyint_t *phyi; 15933 struct ifreq *ifr = (struct ifreq *)ifreq; 15934 struct lifreq *lifr = (struct lifreq *)ifreq; 15935 uint_t old_index, index; 15936 ip_stack_t *ipst = ipif->ipif_ill->ill_ipst; 15937 avl_index_t where; 15938 15939 if (ipip->ipi_cmd_type == IF_CMD) 15940 index = ifr->ifr_index; 15941 else 15942 index = lifr->lifr_index; 15943 15944 /* 15945 * Only allow on physical interface. Also, index zero is illegal. 15946 */ 15947 ill = ipif->ipif_ill; 15948 phyi = ill->ill_phyint; 15949 if (ipif->ipif_id != 0 || index == 0) { 15950 return (EINVAL); 15951 } 15952 15953 /* If the index is not changing, no work to do */ 15954 if (phyi->phyint_ifindex == index) 15955 return (0); 15956 15957 /* 15958 * Use phyint_exists() to determine if the new interface index 15959 * is already in use. If the index is unused then we need to 15960 * change the phyint's position in the phyint_list_avl_by_index 15961 * tree. If we do not do this, subsequent lookups (using the new 15962 * index value) will not find the phyint. 15963 */ 15964 rw_enter(&ipst->ips_ill_g_lock, RW_WRITER); 15965 if (phyint_exists(index, ipst)) { 15966 rw_exit(&ipst->ips_ill_g_lock); 15967 return (EEXIST); 15968 } 15969 15970 /* 15971 * The new index is unused. Set it in the phyint. However we must not 15972 * forget to trigger NE_IFINDEX_CHANGE event before the ifindex 15973 * changes. The event must be bound to old ifindex value. 15974 */ 15975 ill_nic_event_dispatch(ill, 0, NE_IFINDEX_CHANGE, 15976 &index, sizeof (index)); 15977 15978 old_index = phyi->phyint_ifindex; 15979 phyi->phyint_ifindex = index; 15980 15981 avl_remove(&ipst->ips_phyint_g_list->phyint_list_avl_by_index, phyi); 15982 (void) avl_find(&ipst->ips_phyint_g_list->phyint_list_avl_by_index, 15983 &index, &where); 15984 avl_insert(&ipst->ips_phyint_g_list->phyint_list_avl_by_index, 15985 phyi, where); 15986 rw_exit(&ipst->ips_ill_g_lock); 15987 15988 /* Update SCTP's ILL list */ 15989 sctp_ill_reindex(ill, old_index); 15990 15991 /* Send the routing sockets message */ 15992 ip_rts_ifmsg(ipif, RTSQ_DEFAULT); 15993 if (ILL_OTHER(ill)) 15994 ip_rts_ifmsg(ILL_OTHER(ill)->ill_ipif, RTSQ_DEFAULT); 15995 15996 /* Perhaps ilgs should use this ill */ 15997 update_conn_ill(NULL, ill->ill_ipst); 15998 return (0); 15999 } 16000 16001 /* ARGSUSED */ 16002 int 16003 ip_sioctl_get_lifindex(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 16004 ip_ioctl_cmd_t *ipip, void *ifreq) 16005 { 16006 struct ifreq *ifr = (struct ifreq *)ifreq; 16007 struct lifreq *lifr = (struct lifreq *)ifreq; 16008 16009 ip1dbg(("ip_sioctl_get_lifindex(%s:%u %p)\n", 16010 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 16011 /* Get the interface index */ 16012 if (ipip->ipi_cmd_type == IF_CMD) { 16013 ifr->ifr_index = ipif->ipif_ill->ill_phyint->phyint_ifindex; 16014 } else { 16015 lifr->lifr_index = ipif->ipif_ill->ill_phyint->phyint_ifindex; 16016 } 16017 return (0); 16018 } 16019 16020 /* ARGSUSED */ 16021 int 16022 ip_sioctl_get_lifzone(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 16023 ip_ioctl_cmd_t *ipip, void *ifreq) 16024 { 16025 struct lifreq *lifr = (struct lifreq *)ifreq; 16026 16027 ip1dbg(("ip_sioctl_get_lifzone(%s:%u %p)\n", 16028 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 16029 /* Get the interface zone */ 16030 ASSERT(ipip->ipi_cmd_type == LIF_CMD); 16031 lifr->lifr_zoneid = ipif->ipif_zoneid; 16032 return (0); 16033 } 16034 16035 /* 16036 * Set the zoneid of an interface. 16037 */ 16038 /* ARGSUSED */ 16039 int 16040 ip_sioctl_slifzone(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 16041 ip_ioctl_cmd_t *ipip, void *ifreq) 16042 { 16043 struct lifreq *lifr = (struct lifreq *)ifreq; 16044 int err = 0; 16045 boolean_t need_up = B_FALSE; 16046 zone_t *zptr; 16047 zone_status_t status; 16048 zoneid_t zoneid; 16049 16050 ASSERT(ipip->ipi_cmd_type == LIF_CMD); 16051 if ((zoneid = lifr->lifr_zoneid) == ALL_ZONES) { 16052 if (!is_system_labeled()) 16053 return (ENOTSUP); 16054 zoneid = GLOBAL_ZONEID; 16055 } 16056 16057 /* cannot assign instance zero to a non-global zone */ 16058 if (ipif->ipif_id == 0 && zoneid != GLOBAL_ZONEID) 16059 return (ENOTSUP); 16060 16061 /* 16062 * Cannot assign to a zone that doesn't exist or is shutting down. In 16063 * the event of a race with the zone shutdown processing, since IP 16064 * serializes this ioctl and SIOCGLIFCONF/SIOCLIFREMOVEIF, we know the 16065 * interface will be cleaned up even if the zone is shut down 16066 * immediately after the status check. If the interface can't be brought 16067 * down right away, and the zone is shut down before the restart 16068 * function is called, we resolve the possible races by rechecking the 16069 * zone status in the restart function. 16070 */ 16071 if ((zptr = zone_find_by_id(zoneid)) == NULL) 16072 return (EINVAL); 16073 status = zone_status_get(zptr); 16074 zone_rele(zptr); 16075 16076 if (status != ZONE_IS_READY && status != ZONE_IS_RUNNING) 16077 return (EINVAL); 16078 16079 if (ipif->ipif_flags & IPIF_UP) { 16080 /* 16081 * If the interface is already marked up, 16082 * we call ipif_down which will take care 16083 * of ditching any IREs that have been set 16084 * up based on the old interface address. 16085 */ 16086 err = ipif_logical_down(ipif, q, mp); 16087 if (err == EINPROGRESS) 16088 return (err); 16089 (void) ipif_down_tail(ipif); 16090 need_up = B_TRUE; 16091 } 16092 16093 err = ip_sioctl_slifzone_tail(ipif, lifr->lifr_zoneid, q, mp, need_up); 16094 return (err); 16095 } 16096 16097 static int 16098 ip_sioctl_slifzone_tail(ipif_t *ipif, zoneid_t zoneid, 16099 queue_t *q, mblk_t *mp, boolean_t need_up) 16100 { 16101 int err = 0; 16102 ip_stack_t *ipst; 16103 16104 ip1dbg(("ip_sioctl_zoneid_tail(%s:%u %p)\n", 16105 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 16106 16107 if (CONN_Q(q)) 16108 ipst = CONNQ_TO_IPST(q); 16109 else 16110 ipst = ILLQ_TO_IPST(q); 16111 16112 /* 16113 * For exclusive stacks we don't allow a different zoneid than 16114 * global. 16115 */ 16116 if (ipst->ips_netstack->netstack_stackid != GLOBAL_NETSTACKID && 16117 zoneid != GLOBAL_ZONEID) 16118 return (EINVAL); 16119 16120 /* Set the new zone id. */ 16121 ipif->ipif_zoneid = zoneid; 16122 16123 /* Update sctp list */ 16124 sctp_update_ipif(ipif, SCTP_IPIF_UPDATE); 16125 16126 /* The default multicast interface might have changed */ 16127 ire_increment_multicast_generation(ipst, ipif->ipif_ill->ill_isv6); 16128 16129 if (need_up) { 16130 /* 16131 * Now bring the interface back up. If this 16132 * is the only IPIF for the ILL, ipif_up 16133 * will have to re-bind to the device, so 16134 * we may get back EINPROGRESS, in which 16135 * case, this IOCTL will get completed in 16136 * ip_rput_dlpi when we see the DL_BIND_ACK. 16137 */ 16138 err = ipif_up(ipif, q, mp); 16139 } 16140 return (err); 16141 } 16142 16143 /* ARGSUSED */ 16144 int 16145 ip_sioctl_slifzone_restart(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 16146 ip_ioctl_cmd_t *ipip, void *if_req) 16147 { 16148 struct lifreq *lifr = (struct lifreq *)if_req; 16149 zoneid_t zoneid; 16150 zone_t *zptr; 16151 zone_status_t status; 16152 16153 ASSERT(ipip->ipi_cmd_type == LIF_CMD); 16154 if ((zoneid = lifr->lifr_zoneid) == ALL_ZONES) 16155 zoneid = GLOBAL_ZONEID; 16156 16157 ip1dbg(("ip_sioctl_slifzone_restart(%s:%u %p)\n", 16158 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 16159 16160 /* 16161 * We recheck the zone status to resolve the following race condition: 16162 * 1) process sends SIOCSLIFZONE to put hme0:1 in zone "myzone"; 16163 * 2) hme0:1 is up and can't be brought down right away; 16164 * ip_sioctl_slifzone() returns EINPROGRESS and the request is queued; 16165 * 3) zone "myzone" is halted; the zone status switches to 16166 * 'shutting_down' and the zones framework sends SIOCGLIFCONF to list 16167 * the interfaces to remove - hme0:1 is not returned because it's not 16168 * yet in "myzone", so it won't be removed; 16169 * 4) the restart function for SIOCSLIFZONE is called; without the 16170 * status check here, we would have hme0:1 in "myzone" after it's been 16171 * destroyed. 16172 * Note that if the status check fails, we need to bring the interface 16173 * back to its state prior to ip_sioctl_slifzone(), hence the call to 16174 * ipif_up_done[_v6](). 16175 */ 16176 status = ZONE_IS_UNINITIALIZED; 16177 if ((zptr = zone_find_by_id(zoneid)) != NULL) { 16178 status = zone_status_get(zptr); 16179 zone_rele(zptr); 16180 } 16181 if (status != ZONE_IS_READY && status != ZONE_IS_RUNNING) { 16182 if (ipif->ipif_isv6) { 16183 (void) ipif_up_done_v6(ipif); 16184 } else { 16185 (void) ipif_up_done(ipif); 16186 } 16187 return (EINVAL); 16188 } 16189 16190 (void) ipif_down_tail(ipif); 16191 16192 return (ip_sioctl_slifzone_tail(ipif, lifr->lifr_zoneid, q, mp, 16193 B_TRUE)); 16194 } 16195 16196 /* 16197 * Return the number of addresses on `ill' with one or more of the values 16198 * in `set' set and all of the values in `clear' clear. 16199 */ 16200 static uint_t 16201 ill_flagaddr_cnt(const ill_t *ill, uint64_t set, uint64_t clear) 16202 { 16203 ipif_t *ipif; 16204 uint_t cnt = 0; 16205 16206 ASSERT(IAM_WRITER_ILL(ill)); 16207 16208 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) 16209 if ((ipif->ipif_flags & set) && !(ipif->ipif_flags & clear)) 16210 cnt++; 16211 16212 return (cnt); 16213 } 16214 16215 /* 16216 * Return the number of migratable addresses on `ill' that are under 16217 * application control. 16218 */ 16219 uint_t 16220 ill_appaddr_cnt(const ill_t *ill) 16221 { 16222 return (ill_flagaddr_cnt(ill, IPIF_DHCPRUNNING | IPIF_ADDRCONF, 16223 IPIF_NOFAILOVER)); 16224 } 16225 16226 /* 16227 * Return the number of point-to-point addresses on `ill'. 16228 */ 16229 uint_t 16230 ill_ptpaddr_cnt(const ill_t *ill) 16231 { 16232 return (ill_flagaddr_cnt(ill, IPIF_POINTOPOINT, 0)); 16233 } 16234 16235 /* ARGSUSED */ 16236 int 16237 ip_sioctl_get_lifusesrc(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 16238 ip_ioctl_cmd_t *ipip, void *ifreq) 16239 { 16240 struct lifreq *lifr = ifreq; 16241 16242 ASSERT(q->q_next == NULL); 16243 ASSERT(CONN_Q(q)); 16244 16245 ip1dbg(("ip_sioctl_get_lifusesrc(%s:%u %p)\n", 16246 ipif->ipif_ill->ill_name, ipif->ipif_id, (void *)ipif)); 16247 lifr->lifr_index = ipif->ipif_ill->ill_usesrc_ifindex; 16248 ip1dbg(("ip_sioctl_get_lifusesrc:lifr_index = %d\n", lifr->lifr_index)); 16249 16250 return (0); 16251 } 16252 16253 /* Find the previous ILL in this usesrc group */ 16254 static ill_t * 16255 ill_prev_usesrc(ill_t *uill) 16256 { 16257 ill_t *ill; 16258 16259 for (ill = uill->ill_usesrc_grp_next; 16260 ASSERT(ill), ill->ill_usesrc_grp_next != uill; 16261 ill = ill->ill_usesrc_grp_next) 16262 /* do nothing */; 16263 return (ill); 16264 } 16265 16266 /* 16267 * Release all members of the usesrc group. This routine is called 16268 * from ill_delete when the interface being unplumbed is the 16269 * group head. 16270 * 16271 * This silently clears the usesrc that ifconfig setup. 16272 * An alternative would be to keep that ifindex, and drop packets on the floor 16273 * since no source address can be selected. 16274 * Even if we keep the current semantics, don't need a lock and a linked list. 16275 * Can walk all the ills checking if they have a ill_usesrc_ifindex matching 16276 * the one that is being removed. Issue is how we return the usesrc users 16277 * (SIOCGLIFSRCOF). We want to be able to find the ills which have an 16278 * ill_usesrc_ifindex matching a target ill. We could also do that with an 16279 * ill walk, but the walker would need to insert in the ioctl response. 16280 */ 16281 static void 16282 ill_disband_usesrc_group(ill_t *uill) 16283 { 16284 ill_t *next_ill, *tmp_ill; 16285 ip_stack_t *ipst = uill->ill_ipst; 16286 16287 ASSERT(RW_WRITE_HELD(&ipst->ips_ill_g_usesrc_lock)); 16288 next_ill = uill->ill_usesrc_grp_next; 16289 16290 do { 16291 ASSERT(next_ill != NULL); 16292 tmp_ill = next_ill->ill_usesrc_grp_next; 16293 ASSERT(tmp_ill != NULL); 16294 next_ill->ill_usesrc_grp_next = NULL; 16295 next_ill->ill_usesrc_ifindex = 0; 16296 next_ill = tmp_ill; 16297 } while (next_ill->ill_usesrc_ifindex != 0); 16298 uill->ill_usesrc_grp_next = NULL; 16299 } 16300 16301 /* 16302 * Remove the client usesrc ILL from the list and relink to a new list 16303 */ 16304 int 16305 ill_relink_usesrc_ills(ill_t *ucill, ill_t *uill, uint_t ifindex) 16306 { 16307 ill_t *ill, *tmp_ill; 16308 ip_stack_t *ipst = ucill->ill_ipst; 16309 16310 ASSERT((ucill != NULL) && (ucill->ill_usesrc_grp_next != NULL) && 16311 (uill != NULL) && RW_WRITE_HELD(&ipst->ips_ill_g_usesrc_lock)); 16312 16313 /* 16314 * Check if the usesrc client ILL passed in is not already 16315 * in use as a usesrc ILL i.e one whose source address is 16316 * in use OR a usesrc ILL is not already in use as a usesrc 16317 * client ILL 16318 */ 16319 if ((ucill->ill_usesrc_ifindex == 0) || 16320 (uill->ill_usesrc_ifindex != 0)) { 16321 return (-1); 16322 } 16323 16324 ill = ill_prev_usesrc(ucill); 16325 ASSERT(ill->ill_usesrc_grp_next != NULL); 16326 16327 /* Remove from the current list */ 16328 if (ill->ill_usesrc_grp_next->ill_usesrc_grp_next == ill) { 16329 /* Only two elements in the list */ 16330 ASSERT(ill->ill_usesrc_ifindex == 0); 16331 ill->ill_usesrc_grp_next = NULL; 16332 } else { 16333 ill->ill_usesrc_grp_next = ucill->ill_usesrc_grp_next; 16334 } 16335 16336 if (ifindex == 0) { 16337 ucill->ill_usesrc_ifindex = 0; 16338 ucill->ill_usesrc_grp_next = NULL; 16339 return (0); 16340 } 16341 16342 ucill->ill_usesrc_ifindex = ifindex; 16343 tmp_ill = uill->ill_usesrc_grp_next; 16344 uill->ill_usesrc_grp_next = ucill; 16345 ucill->ill_usesrc_grp_next = 16346 (tmp_ill != NULL) ? tmp_ill : uill; 16347 return (0); 16348 } 16349 16350 /* 16351 * Set the ill_usesrc and ill_usesrc_head fields. See synchronization notes in 16352 * ip.c for locking details. 16353 */ 16354 /* ARGSUSED */ 16355 int 16356 ip_sioctl_slifusesrc(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 16357 ip_ioctl_cmd_t *ipip, void *ifreq) 16358 { 16359 struct lifreq *lifr = (struct lifreq *)ifreq; 16360 boolean_t isv6 = B_FALSE, reset_flg = B_FALSE; 16361 ill_t *usesrc_ill, *usesrc_cli_ill = ipif->ipif_ill; 16362 int err = 0, ret; 16363 uint_t ifindex; 16364 ipsq_t *ipsq = NULL; 16365 ip_stack_t *ipst = ipif->ipif_ill->ill_ipst; 16366 16367 ASSERT(IAM_WRITER_IPIF(ipif)); 16368 ASSERT(q->q_next == NULL); 16369 ASSERT(CONN_Q(q)); 16370 16371 isv6 = (Q_TO_CONN(q))->conn_family == AF_INET6; 16372 16373 ifindex = lifr->lifr_index; 16374 if (ifindex == 0) { 16375 if (usesrc_cli_ill->ill_usesrc_grp_next == NULL) { 16376 /* non usesrc group interface, nothing to reset */ 16377 return (0); 16378 } 16379 ifindex = usesrc_cli_ill->ill_usesrc_ifindex; 16380 /* valid reset request */ 16381 reset_flg = B_TRUE; 16382 } 16383 16384 usesrc_ill = ill_lookup_on_ifindex(ifindex, isv6, ipst); 16385 if (usesrc_ill == NULL) 16386 return (ENXIO); 16387 if (usesrc_ill == ipif->ipif_ill) { 16388 ill_refrele(usesrc_ill); 16389 return (EINVAL); 16390 } 16391 16392 ipsq = ipsq_try_enter(NULL, usesrc_ill, q, mp, ip_process_ioctl, 16393 NEW_OP, B_TRUE); 16394 if (ipsq == NULL) { 16395 err = EINPROGRESS; 16396 /* Operation enqueued on the ipsq of the usesrc ILL */ 16397 goto done; 16398 } 16399 16400 /* USESRC isn't currently supported with IPMP */ 16401 if (IS_IPMP(usesrc_ill) || IS_UNDER_IPMP(usesrc_ill)) { 16402 err = ENOTSUP; 16403 goto done; 16404 } 16405 16406 /* 16407 * USESRC isn't compatible with the STANDBY flag. (STANDBY is only 16408 * used by IPMP underlying interfaces, but someone might think it's 16409 * more general and try to use it independently with VNI.) 16410 */ 16411 if (usesrc_ill->ill_phyint->phyint_flags & PHYI_STANDBY) { 16412 err = ENOTSUP; 16413 goto done; 16414 } 16415 16416 /* 16417 * If the client is already in use as a usesrc_ill or a usesrc_ill is 16418 * already a client then return EINVAL 16419 */ 16420 if (IS_USESRC_ILL(usesrc_cli_ill) || IS_USESRC_CLI_ILL(usesrc_ill)) { 16421 err = EINVAL; 16422 goto done; 16423 } 16424 16425 /* 16426 * If the ill_usesrc_ifindex field is already set to what it needs to 16427 * be then this is a duplicate operation. 16428 */ 16429 if (!reset_flg && usesrc_cli_ill->ill_usesrc_ifindex == ifindex) { 16430 err = 0; 16431 goto done; 16432 } 16433 16434 ip1dbg(("ip_sioctl_slifusesrc: usesrc_cli_ill %s, usesrc_ill %s," 16435 " v6 = %d", usesrc_cli_ill->ill_name, usesrc_ill->ill_name, 16436 usesrc_ill->ill_isv6)); 16437 16438 /* 16439 * ill_g_usesrc_lock global lock protects the ill_usesrc_grp_next 16440 * and the ill_usesrc_ifindex fields 16441 */ 16442 rw_enter(&ipst->ips_ill_g_usesrc_lock, RW_WRITER); 16443 16444 if (reset_flg) { 16445 ret = ill_relink_usesrc_ills(usesrc_cli_ill, usesrc_ill, 0); 16446 if (ret != 0) { 16447 err = EINVAL; 16448 } 16449 rw_exit(&ipst->ips_ill_g_usesrc_lock); 16450 goto done; 16451 } 16452 16453 /* 16454 * Four possibilities to consider: 16455 * 1. Both usesrc_ill and usesrc_cli_ill are not part of any usesrc grp 16456 * 2. usesrc_ill is part of a group but usesrc_cli_ill isn't 16457 * 3. usesrc_cli_ill is part of a group but usesrc_ill isn't 16458 * 4. Both are part of their respective usesrc groups 16459 */ 16460 if ((usesrc_ill->ill_usesrc_grp_next == NULL) && 16461 (usesrc_cli_ill->ill_usesrc_grp_next == NULL)) { 16462 ASSERT(usesrc_ill->ill_usesrc_ifindex == 0); 16463 usesrc_cli_ill->ill_usesrc_ifindex = ifindex; 16464 usesrc_ill->ill_usesrc_grp_next = usesrc_cli_ill; 16465 usesrc_cli_ill->ill_usesrc_grp_next = usesrc_ill; 16466 } else if ((usesrc_ill->ill_usesrc_grp_next != NULL) && 16467 (usesrc_cli_ill->ill_usesrc_grp_next == NULL)) { 16468 usesrc_cli_ill->ill_usesrc_ifindex = ifindex; 16469 /* Insert at head of list */ 16470 usesrc_cli_ill->ill_usesrc_grp_next = 16471 usesrc_ill->ill_usesrc_grp_next; 16472 usesrc_ill->ill_usesrc_grp_next = usesrc_cli_ill; 16473 } else { 16474 ret = ill_relink_usesrc_ills(usesrc_cli_ill, usesrc_ill, 16475 ifindex); 16476 if (ret != 0) 16477 err = EINVAL; 16478 } 16479 rw_exit(&ipst->ips_ill_g_usesrc_lock); 16480 16481 done: 16482 if (ipsq != NULL) 16483 ipsq_exit(ipsq); 16484 /* The refrele on the lifr_name ipif is done by ip_process_ioctl */ 16485 ill_refrele(usesrc_ill); 16486 16487 /* Let conn_ixa caching know that source address selection changed */ 16488 ip_update_source_selection(ipst); 16489 16490 return (err); 16491 } 16492 16493 /* ARGSUSED */ 16494 int 16495 ip_sioctl_get_dadstate(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 16496 ip_ioctl_cmd_t *ipip, void *if_req) 16497 { 16498 struct lifreq *lifr = (struct lifreq *)if_req; 16499 ill_t *ill = ipif->ipif_ill; 16500 16501 /* 16502 * Need a lock since IFF_UP can be set even when there are 16503 * references to the ipif. 16504 */ 16505 mutex_enter(&ill->ill_lock); 16506 if ((ipif->ipif_flags & IPIF_UP) && ipif->ipif_addr_ready == 0) 16507 lifr->lifr_dadstate = DAD_IN_PROGRESS; 16508 else 16509 lifr->lifr_dadstate = DAD_DONE; 16510 mutex_exit(&ill->ill_lock); 16511 return (0); 16512 } 16513 16514 /* 16515 * comparison function used by avl. 16516 */ 16517 static int 16518 ill_phyint_compare_index(const void *index_ptr, const void *phyip) 16519 { 16520 16521 uint_t index; 16522 16523 ASSERT(phyip != NULL && index_ptr != NULL); 16524 16525 index = *((uint_t *)index_ptr); 16526 /* 16527 * let the phyint with the lowest index be on top. 16528 */ 16529 if (((phyint_t *)phyip)->phyint_ifindex < index) 16530 return (1); 16531 if (((phyint_t *)phyip)->phyint_ifindex > index) 16532 return (-1); 16533 return (0); 16534 } 16535 16536 /* 16537 * comparison function used by avl. 16538 */ 16539 static int 16540 ill_phyint_compare_name(const void *name_ptr, const void *phyip) 16541 { 16542 ill_t *ill; 16543 int res = 0; 16544 16545 ASSERT(phyip != NULL && name_ptr != NULL); 16546 16547 if (((phyint_t *)phyip)->phyint_illv4) 16548 ill = ((phyint_t *)phyip)->phyint_illv4; 16549 else 16550 ill = ((phyint_t *)phyip)->phyint_illv6; 16551 ASSERT(ill != NULL); 16552 16553 res = strcmp(ill->ill_name, (char *)name_ptr); 16554 if (res > 0) 16555 return (1); 16556 else if (res < 0) 16557 return (-1); 16558 return (0); 16559 } 16560 16561 /* 16562 * This function is called on the unplumb path via ill_glist_delete() when 16563 * there are no ills left on the phyint and thus the phyint can be freed. 16564 */ 16565 static void 16566 phyint_free(phyint_t *phyi) 16567 { 16568 ip_stack_t *ipst = PHYINT_TO_IPST(phyi); 16569 16570 ASSERT(phyi->phyint_illv4 == NULL && phyi->phyint_illv6 == NULL); 16571 16572 /* 16573 * If this phyint was an IPMP meta-interface, blow away the group. 16574 * This is safe to do because all of the illgrps have already been 16575 * removed by I_PUNLINK, and thus SIOCSLIFGROUPNAME cannot find us. 16576 * If we're cleaning up as a result of failed initialization, 16577 * phyint_grp may be NULL. 16578 */ 16579 if ((phyi->phyint_flags & PHYI_IPMP) && (phyi->phyint_grp != NULL)) { 16580 rw_enter(&ipst->ips_ipmp_lock, RW_WRITER); 16581 ipmp_grp_destroy(phyi->phyint_grp); 16582 phyi->phyint_grp = NULL; 16583 rw_exit(&ipst->ips_ipmp_lock); 16584 } 16585 16586 /* 16587 * If this interface was under IPMP, take it out of the group. 16588 */ 16589 if (phyi->phyint_grp != NULL) 16590 ipmp_phyint_leave_grp(phyi); 16591 16592 /* 16593 * Delete the phyint and disassociate its ipsq. The ipsq itself 16594 * will be freed in ipsq_exit(). 16595 */ 16596 phyi->phyint_ipsq->ipsq_phyint = NULL; 16597 phyi->phyint_name[0] = '\0'; 16598 16599 mi_free(phyi); 16600 } 16601 16602 /* 16603 * Attach the ill to the phyint structure which can be shared by both 16604 * IPv4 and IPv6 ill. ill_init allocates a phyint to just hold flags. This 16605 * function is called from ipif_set_values and ill_lookup_on_name (for 16606 * loopback) where we know the name of the ill. We lookup the ill and if 16607 * there is one present already with the name use that phyint. Otherwise 16608 * reuse the one allocated by ill_init. 16609 */ 16610 static void 16611 ill_phyint_reinit(ill_t *ill) 16612 { 16613 boolean_t isv6 = ill->ill_isv6; 16614 phyint_t *phyi_old; 16615 phyint_t *phyi; 16616 avl_index_t where = 0; 16617 ill_t *ill_other = NULL; 16618 ip_stack_t *ipst = ill->ill_ipst; 16619 16620 ASSERT(RW_WRITE_HELD(&ipst->ips_ill_g_lock)); 16621 16622 phyi_old = ill->ill_phyint; 16623 ASSERT(isv6 || (phyi_old->phyint_illv4 == ill && 16624 phyi_old->phyint_illv6 == NULL)); 16625 ASSERT(!isv6 || (phyi_old->phyint_illv6 == ill && 16626 phyi_old->phyint_illv4 == NULL)); 16627 ASSERT(phyi_old->phyint_ifindex == 0); 16628 16629 /* 16630 * Now that our ill has a name, set it in the phyint. 16631 */ 16632 (void) strlcpy(ill->ill_phyint->phyint_name, ill->ill_name, LIFNAMSIZ); 16633 16634 phyi = avl_find(&ipst->ips_phyint_g_list->phyint_list_avl_by_name, 16635 ill->ill_name, &where); 16636 16637 /* 16638 * 1. We grabbed the ill_g_lock before inserting this ill into 16639 * the global list of ills. So no other thread could have located 16640 * this ill and hence the ipsq of this ill is guaranteed to be empty. 16641 * 2. Now locate the other protocol instance of this ill. 16642 * 3. Now grab both ill locks in the right order, and the phyint lock of 16643 * the new ipsq. Holding ill locks + ill_g_lock ensures that the ipsq 16644 * of neither ill can change. 16645 * 4. Merge the phyint and thus the ipsq as well of this ill onto the 16646 * other ill. 16647 * 5. Release all locks. 16648 */ 16649 16650 /* 16651 * Look for IPv4 if we are initializing IPv6 or look for IPv6 if 16652 * we are initializing IPv4. 16653 */ 16654 if (phyi != NULL) { 16655 ill_other = (isv6) ? phyi->phyint_illv4 : phyi->phyint_illv6; 16656 ASSERT(ill_other->ill_phyint != NULL); 16657 ASSERT((isv6 && !ill_other->ill_isv6) || 16658 (!isv6 && ill_other->ill_isv6)); 16659 GRAB_ILL_LOCKS(ill, ill_other); 16660 /* 16661 * We are potentially throwing away phyint_flags which 16662 * could be different from the one that we obtain from 16663 * ill_other->ill_phyint. But it is okay as we are assuming 16664 * that the state maintained within IP is correct. 16665 */ 16666 mutex_enter(&phyi->phyint_lock); 16667 if (isv6) { 16668 ASSERT(phyi->phyint_illv6 == NULL); 16669 phyi->phyint_illv6 = ill; 16670 } else { 16671 ASSERT(phyi->phyint_illv4 == NULL); 16672 phyi->phyint_illv4 = ill; 16673 } 16674 16675 /* 16676 * Delete the old phyint and make its ipsq eligible 16677 * to be freed in ipsq_exit(). 16678 */ 16679 phyi_old->phyint_illv4 = NULL; 16680 phyi_old->phyint_illv6 = NULL; 16681 phyi_old->phyint_ipsq->ipsq_phyint = NULL; 16682 phyi_old->phyint_name[0] = '\0'; 16683 mi_free(phyi_old); 16684 } else { 16685 mutex_enter(&ill->ill_lock); 16686 /* 16687 * We don't need to acquire any lock, since 16688 * the ill is not yet visible globally and we 16689 * have not yet released the ill_g_lock. 16690 */ 16691 phyi = phyi_old; 16692 mutex_enter(&phyi->phyint_lock); 16693 /* XXX We need a recovery strategy here. */ 16694 if (!phyint_assign_ifindex(phyi, ipst)) 16695 cmn_err(CE_PANIC, "phyint_assign_ifindex() failed"); 16696 16697 avl_insert(&ipst->ips_phyint_g_list->phyint_list_avl_by_name, 16698 (void *)phyi, where); 16699 16700 (void) avl_find(&ipst->ips_phyint_g_list-> 16701 phyint_list_avl_by_index, 16702 &phyi->phyint_ifindex, &where); 16703 avl_insert(&ipst->ips_phyint_g_list->phyint_list_avl_by_index, 16704 (void *)phyi, where); 16705 } 16706 16707 /* 16708 * Reassigning ill_phyint automatically reassigns the ipsq also. 16709 * pending mp is not affected because that is per ill basis. 16710 */ 16711 ill->ill_phyint = phyi; 16712 16713 /* 16714 * Now that the phyint's ifindex has been assigned, complete the 16715 * remaining 16716 */ 16717 ill->ill_ip_mib->ipIfStatsIfIndex = ill->ill_phyint->phyint_ifindex; 16718 if (ill->ill_isv6) { 16719 ill->ill_icmp6_mib->ipv6IfIcmpIfIndex = 16720 ill->ill_phyint->phyint_ifindex; 16721 ill->ill_mcast_type = ipst->ips_mld_max_version; 16722 } else { 16723 ill->ill_mcast_type = ipst->ips_igmp_max_version; 16724 } 16725 16726 /* 16727 * Generate an event within the hooks framework to indicate that 16728 * a new interface has just been added to IP. For this event to 16729 * be generated, the network interface must, at least, have an 16730 * ifindex assigned to it. (We don't generate the event for 16731 * loopback since ill_lookup_on_name() has its own NE_PLUMB event.) 16732 * 16733 * This needs to be run inside the ill_g_lock perimeter to ensure 16734 * that the ordering of delivered events to listeners matches the 16735 * order of them in the kernel. 16736 */ 16737 if (!IS_LOOPBACK(ill)) { 16738 ill_nic_event_dispatch(ill, 0, NE_PLUMB, ill->ill_name, 16739 ill->ill_name_length); 16740 } 16741 RELEASE_ILL_LOCKS(ill, ill_other); 16742 mutex_exit(&phyi->phyint_lock); 16743 } 16744 16745 /* 16746 * Notify any downstream modules of the name of this interface. 16747 * An M_IOCTL is used even though we don't expect a successful reply. 16748 * Any reply message from the driver (presumably an M_IOCNAK) will 16749 * eventually get discarded somewhere upstream. The message format is 16750 * simply an SIOCSLIFNAME ioctl just as might be sent from ifconfig 16751 * to IP. 16752 */ 16753 static void 16754 ip_ifname_notify(ill_t *ill, queue_t *q) 16755 { 16756 mblk_t *mp1, *mp2; 16757 struct iocblk *iocp; 16758 struct lifreq *lifr; 16759 16760 mp1 = mkiocb(SIOCSLIFNAME); 16761 if (mp1 == NULL) 16762 return; 16763 mp2 = allocb(sizeof (struct lifreq), BPRI_HI); 16764 if (mp2 == NULL) { 16765 freeb(mp1); 16766 return; 16767 } 16768 16769 mp1->b_cont = mp2; 16770 iocp = (struct iocblk *)mp1->b_rptr; 16771 iocp->ioc_count = sizeof (struct lifreq); 16772 16773 lifr = (struct lifreq *)mp2->b_rptr; 16774 mp2->b_wptr += sizeof (struct lifreq); 16775 bzero(lifr, sizeof (struct lifreq)); 16776 16777 (void) strncpy(lifr->lifr_name, ill->ill_name, LIFNAMSIZ); 16778 lifr->lifr_ppa = ill->ill_ppa; 16779 lifr->lifr_flags = (ill->ill_flags & (ILLF_IPV4|ILLF_IPV6)); 16780 16781 DTRACE_PROBE3(ill__dlpi, char *, "ip_ifname_notify", 16782 char *, "SIOCSLIFNAME", ill_t *, ill); 16783 putnext(q, mp1); 16784 } 16785 16786 static int 16787 ipif_set_values_tail(ill_t *ill, ipif_t *ipif, mblk_t *mp, queue_t *q) 16788 { 16789 int err; 16790 ip_stack_t *ipst = ill->ill_ipst; 16791 phyint_t *phyi = ill->ill_phyint; 16792 16793 /* 16794 * Now that ill_name is set, the configuration for the IPMP 16795 * meta-interface can be performed. 16796 */ 16797 if (IS_IPMP(ill)) { 16798 rw_enter(&ipst->ips_ipmp_lock, RW_WRITER); 16799 /* 16800 * If phyi->phyint_grp is NULL, then this is the first IPMP 16801 * meta-interface and we need to create the IPMP group. 16802 */ 16803 if (phyi->phyint_grp == NULL) { 16804 /* 16805 * If someone has renamed another IPMP group to have 16806 * the same name as our interface, bail. 16807 */ 16808 if (ipmp_grp_lookup(ill->ill_name, ipst) != NULL) { 16809 rw_exit(&ipst->ips_ipmp_lock); 16810 return (EEXIST); 16811 } 16812 phyi->phyint_grp = ipmp_grp_create(ill->ill_name, phyi); 16813 if (phyi->phyint_grp == NULL) { 16814 rw_exit(&ipst->ips_ipmp_lock); 16815 return (ENOMEM); 16816 } 16817 } 16818 rw_exit(&ipst->ips_ipmp_lock); 16819 } 16820 16821 /* Tell downstream modules where they are. */ 16822 ip_ifname_notify(ill, q); 16823 16824 /* 16825 * ill_dl_phys returns EINPROGRESS in the usual case. 16826 * Error cases are ENOMEM ... 16827 */ 16828 err = ill_dl_phys(ill, ipif, mp, q); 16829 16830 if (ill->ill_isv6) { 16831 mutex_enter(&ipst->ips_mld_slowtimeout_lock); 16832 if (ipst->ips_mld_slowtimeout_id == 0) { 16833 ipst->ips_mld_slowtimeout_id = timeout(mld_slowtimo, 16834 (void *)ipst, 16835 MSEC_TO_TICK(MCAST_SLOWTIMO_INTERVAL)); 16836 } 16837 mutex_exit(&ipst->ips_mld_slowtimeout_lock); 16838 } else { 16839 mutex_enter(&ipst->ips_igmp_slowtimeout_lock); 16840 if (ipst->ips_igmp_slowtimeout_id == 0) { 16841 ipst->ips_igmp_slowtimeout_id = timeout(igmp_slowtimo, 16842 (void *)ipst, 16843 MSEC_TO_TICK(MCAST_SLOWTIMO_INTERVAL)); 16844 } 16845 mutex_exit(&ipst->ips_igmp_slowtimeout_lock); 16846 } 16847 16848 return (err); 16849 } 16850 16851 /* 16852 * Common routine for ppa and ifname setting. Should be called exclusive. 16853 * 16854 * Returns EINPROGRESS when mp has been consumed by queueing it on 16855 * ipx_pending_mp and the ioctl will complete in ip_rput. 16856 * 16857 * NOTE : If ppa is UNIT_MAX, we assign the next valid ppa and return 16858 * the new name and new ppa in lifr_name and lifr_ppa respectively. 16859 * For SLIFNAME, we pass these values back to the userland. 16860 */ 16861 static int 16862 ipif_set_values(queue_t *q, mblk_t *mp, char *interf_name, uint_t *new_ppa_ptr) 16863 { 16864 ill_t *ill; 16865 ipif_t *ipif; 16866 ipsq_t *ipsq; 16867 char *ppa_ptr; 16868 char *old_ptr; 16869 char old_char; 16870 int error; 16871 ip_stack_t *ipst; 16872 16873 ip1dbg(("ipif_set_values: interface %s\n", interf_name)); 16874 ASSERT(q->q_next != NULL); 16875 ASSERT(interf_name != NULL); 16876 16877 ill = (ill_t *)q->q_ptr; 16878 ipst = ill->ill_ipst; 16879 16880 ASSERT(ill->ill_ipst != NULL); 16881 ASSERT(ill->ill_name[0] == '\0'); 16882 ASSERT(IAM_WRITER_ILL(ill)); 16883 ASSERT((mi_strlen(interf_name) + 1) <= LIFNAMSIZ); 16884 ASSERT(ill->ill_ppa == UINT_MAX); 16885 16886 ill->ill_defend_start = ill->ill_defend_count = 0; 16887 /* The ppa is sent down by ifconfig or is chosen */ 16888 if ((ppa_ptr = ill_get_ppa_ptr(interf_name)) == NULL) { 16889 return (EINVAL); 16890 } 16891 16892 /* 16893 * make sure ppa passed in is same as ppa in the name. 16894 * This check is not made when ppa == UINT_MAX in that case ppa 16895 * in the name could be anything. System will choose a ppa and 16896 * update new_ppa_ptr and inter_name to contain the choosen ppa. 16897 */ 16898 if (*new_ppa_ptr != UINT_MAX) { 16899 /* stoi changes the pointer */ 16900 old_ptr = ppa_ptr; 16901 /* 16902 * ifconfig passed in 0 for the ppa for DLPI 1 style devices 16903 * (they don't have an externally visible ppa). We assign one 16904 * here so that we can manage the interface. Note that in 16905 * the past this value was always 0 for DLPI 1 drivers. 16906 */ 16907 if (*new_ppa_ptr == 0) 16908 *new_ppa_ptr = stoi(&old_ptr); 16909 else if (*new_ppa_ptr != (uint_t)stoi(&old_ptr)) 16910 return (EINVAL); 16911 } 16912 /* 16913 * terminate string before ppa 16914 * save char at that location. 16915 */ 16916 old_char = ppa_ptr[0]; 16917 ppa_ptr[0] = '\0'; 16918 16919 ill->ill_ppa = *new_ppa_ptr; 16920 /* 16921 * Finish as much work now as possible before calling ill_glist_insert 16922 * which makes the ill globally visible and also merges it with the 16923 * other protocol instance of this phyint. The remaining work is 16924 * done after entering the ipsq which may happen sometime later. 16925 */ 16926 ipif = ill->ill_ipif; 16927 16928 /* We didn't do this when we allocated ipif in ip_ll_subnet_defaults */ 16929 ipif_assign_seqid(ipif); 16930 16931 if (!(ill->ill_flags & (ILLF_IPV4|ILLF_IPV6))) 16932 ill->ill_flags |= ILLF_IPV4; 16933 16934 ASSERT(ipif->ipif_next == NULL); /* Only one ipif on ill */ 16935 ASSERT((ipif->ipif_flags & IPIF_UP) == 0); 16936 16937 if (ill->ill_flags & ILLF_IPV6) { 16938 16939 ill->ill_isv6 = B_TRUE; 16940 ill_set_inputfn(ill); 16941 if (ill->ill_rq != NULL) { 16942 ill->ill_rq->q_qinfo = &iprinitv6; 16943 } 16944 16945 /* Keep the !IN6_IS_ADDR_V4MAPPED assertions happy */ 16946 ipif->ipif_v6lcl_addr = ipv6_all_zeros; 16947 ipif->ipif_v6subnet = ipv6_all_zeros; 16948 ipif->ipif_v6net_mask = ipv6_all_zeros; 16949 ipif->ipif_v6brd_addr = ipv6_all_zeros; 16950 ipif->ipif_v6pp_dst_addr = ipv6_all_zeros; 16951 ill->ill_reachable_retrans_time = ND_RETRANS_TIMER; 16952 /* 16953 * point-to-point or Non-mulicast capable 16954 * interfaces won't do NUD unless explicitly 16955 * configured to do so. 16956 */ 16957 if (ipif->ipif_flags & IPIF_POINTOPOINT || 16958 !(ill->ill_flags & ILLF_MULTICAST)) { 16959 ill->ill_flags |= ILLF_NONUD; 16960 } 16961 /* Make sure IPv4 specific flag is not set on IPv6 if */ 16962 if (ill->ill_flags & ILLF_NOARP) { 16963 /* 16964 * Note: xresolv interfaces will eventually need 16965 * NOARP set here as well, but that will require 16966 * those external resolvers to have some 16967 * knowledge of that flag and act appropriately. 16968 * Not to be changed at present. 16969 */ 16970 ill->ill_flags &= ~ILLF_NOARP; 16971 } 16972 /* 16973 * Set the ILLF_ROUTER flag according to the global 16974 * IPv6 forwarding policy. 16975 */ 16976 if (ipst->ips_ipv6_forwarding != 0) 16977 ill->ill_flags |= ILLF_ROUTER; 16978 } else if (ill->ill_flags & ILLF_IPV4) { 16979 ill->ill_isv6 = B_FALSE; 16980 ill_set_inputfn(ill); 16981 ill->ill_reachable_retrans_time = ARP_RETRANS_TIMER; 16982 IN6_IPADDR_TO_V4MAPPED(INADDR_ANY, &ipif->ipif_v6lcl_addr); 16983 IN6_IPADDR_TO_V4MAPPED(INADDR_ANY, &ipif->ipif_v6subnet); 16984 IN6_IPADDR_TO_V4MAPPED(INADDR_ANY, &ipif->ipif_v6net_mask); 16985 IN6_IPADDR_TO_V4MAPPED(INADDR_ANY, &ipif->ipif_v6brd_addr); 16986 IN6_IPADDR_TO_V4MAPPED(INADDR_ANY, &ipif->ipif_v6pp_dst_addr); 16987 /* 16988 * Set the ILLF_ROUTER flag according to the global 16989 * IPv4 forwarding policy. 16990 */ 16991 if (ipst->ips_ip_forwarding != 0) 16992 ill->ill_flags |= ILLF_ROUTER; 16993 } 16994 16995 ASSERT(ill->ill_phyint != NULL); 16996 16997 /* 16998 * The ipIfStatsIfindex and ipv6IfIcmpIfIndex assignments will 16999 * be completed in ill_glist_insert -> ill_phyint_reinit 17000 */ 17001 if (!ill_allocate_mibs(ill)) 17002 return (ENOMEM); 17003 17004 /* 17005 * Pick a default sap until we get the DL_INFO_ACK back from 17006 * the driver. 17007 */ 17008 ill->ill_sap = (ill->ill_isv6) ? ill->ill_media->ip_m_ipv6sap : 17009 ill->ill_media->ip_m_ipv4sap; 17010 17011 ill->ill_ifname_pending = 1; 17012 ill->ill_ifname_pending_err = 0; 17013 17014 /* 17015 * When the first ipif comes up in ipif_up_done(), multicast groups 17016 * that were joined while this ill was not bound to the DLPI link need 17017 * to be recovered by ill_recover_multicast(). 17018 */ 17019 ill->ill_need_recover_multicast = 1; 17020 17021 ill_refhold(ill); 17022 rw_enter(&ipst->ips_ill_g_lock, RW_WRITER); 17023 if ((error = ill_glist_insert(ill, interf_name, 17024 (ill->ill_flags & ILLF_IPV6) == ILLF_IPV6)) > 0) { 17025 ill->ill_ppa = UINT_MAX; 17026 ill->ill_name[0] = '\0'; 17027 /* 17028 * undo null termination done above. 17029 */ 17030 ppa_ptr[0] = old_char; 17031 rw_exit(&ipst->ips_ill_g_lock); 17032 ill_refrele(ill); 17033 return (error); 17034 } 17035 17036 ASSERT(ill->ill_name_length <= LIFNAMSIZ); 17037 17038 /* 17039 * When we return the buffer pointed to by interf_name should contain 17040 * the same name as in ill_name. 17041 * If a ppa was choosen by the system (ppa passed in was UINT_MAX) 17042 * the buffer pointed to by new_ppa_ptr would not contain the right ppa 17043 * so copy full name and update the ppa ptr. 17044 * When ppa passed in != UINT_MAX all values are correct just undo 17045 * null termination, this saves a bcopy. 17046 */ 17047 if (*new_ppa_ptr == UINT_MAX) { 17048 bcopy(ill->ill_name, interf_name, ill->ill_name_length); 17049 *new_ppa_ptr = ill->ill_ppa; 17050 } else { 17051 /* 17052 * undo null termination done above. 17053 */ 17054 ppa_ptr[0] = old_char; 17055 } 17056 17057 /* Let SCTP know about this ILL */ 17058 sctp_update_ill(ill, SCTP_ILL_INSERT); 17059 17060 /* 17061 * ill_glist_insert has made the ill visible globally, and 17062 * ill_phyint_reinit could have changed the ipsq. At this point, 17063 * we need to hold the ips_ill_g_lock across the call to enter the 17064 * ipsq to enforce atomicity and prevent reordering. In the event 17065 * the ipsq has changed, and if the new ipsq is currently busy, 17066 * we need to make sure that this half-completed ioctl is ahead of 17067 * any subsequent ioctl. We achieve this by not dropping the 17068 * ips_ill_g_lock which prevents any ill lookup itself thereby 17069 * ensuring that new ioctls can't start. 17070 */ 17071 ipsq = ipsq_try_enter_internal(ill, q, mp, ip_reprocess_ioctl, NEW_OP, 17072 B_TRUE); 17073 17074 rw_exit(&ipst->ips_ill_g_lock); 17075 ill_refrele(ill); 17076 if (ipsq == NULL) 17077 return (EINPROGRESS); 17078 17079 /* 17080 * If ill_phyint_reinit() changed our ipsq, then start on the new ipsq. 17081 */ 17082 if (ipsq->ipsq_xop->ipx_current_ipif == NULL) 17083 ipsq_current_start(ipsq, ipif, SIOCSLIFNAME); 17084 else 17085 ASSERT(ipsq->ipsq_xop->ipx_current_ipif == ipif); 17086 17087 error = ipif_set_values_tail(ill, ipif, mp, q); 17088 ipsq_exit(ipsq); 17089 if (error != 0 && error != EINPROGRESS) { 17090 /* 17091 * restore previous values 17092 */ 17093 ill->ill_isv6 = B_FALSE; 17094 ill_set_inputfn(ill); 17095 } 17096 return (error); 17097 } 17098 17099 void 17100 ipif_init(ip_stack_t *ipst) 17101 { 17102 int i; 17103 17104 for (i = 0; i < MAX_G_HEADS; i++) { 17105 ipst->ips_ill_g_heads[i].ill_g_list_head = 17106 (ill_if_t *)&ipst->ips_ill_g_heads[i]; 17107 ipst->ips_ill_g_heads[i].ill_g_list_tail = 17108 (ill_if_t *)&ipst->ips_ill_g_heads[i]; 17109 } 17110 17111 avl_create(&ipst->ips_phyint_g_list->phyint_list_avl_by_index, 17112 ill_phyint_compare_index, 17113 sizeof (phyint_t), 17114 offsetof(struct phyint, phyint_avl_by_index)); 17115 avl_create(&ipst->ips_phyint_g_list->phyint_list_avl_by_name, 17116 ill_phyint_compare_name, 17117 sizeof (phyint_t), 17118 offsetof(struct phyint, phyint_avl_by_name)); 17119 } 17120 17121 /* 17122 * Save enough information so that we can recreate the IRE if 17123 * the interface goes down and then up. 17124 */ 17125 void 17126 ill_save_ire(ill_t *ill, ire_t *ire) 17127 { 17128 mblk_t *save_mp; 17129 17130 save_mp = allocb(sizeof (ifrt_t), BPRI_MED); 17131 if (save_mp != NULL) { 17132 ifrt_t *ifrt; 17133 17134 save_mp->b_wptr += sizeof (ifrt_t); 17135 ifrt = (ifrt_t *)save_mp->b_rptr; 17136 bzero(ifrt, sizeof (ifrt_t)); 17137 ifrt->ifrt_type = ire->ire_type; 17138 if (ire->ire_ipversion == IPV4_VERSION) { 17139 ASSERT(!ill->ill_isv6); 17140 ifrt->ifrt_addr = ire->ire_addr; 17141 ifrt->ifrt_gateway_addr = ire->ire_gateway_addr; 17142 ifrt->ifrt_setsrc_addr = ire->ire_setsrc_addr; 17143 ifrt->ifrt_mask = ire->ire_mask; 17144 } else { 17145 ASSERT(ill->ill_isv6); 17146 ifrt->ifrt_v6addr = ire->ire_addr_v6; 17147 /* ire_gateway_addr_v6 can change due to RTM_CHANGE */ 17148 mutex_enter(&ire->ire_lock); 17149 ifrt->ifrt_v6gateway_addr = ire->ire_gateway_addr_v6; 17150 mutex_exit(&ire->ire_lock); 17151 ifrt->ifrt_v6setsrc_addr = ire->ire_setsrc_addr_v6; 17152 ifrt->ifrt_v6mask = ire->ire_mask_v6; 17153 } 17154 ifrt->ifrt_flags = ire->ire_flags; 17155 ifrt->ifrt_zoneid = ire->ire_zoneid; 17156 mutex_enter(&ill->ill_saved_ire_lock); 17157 save_mp->b_cont = ill->ill_saved_ire_mp; 17158 ill->ill_saved_ire_mp = save_mp; 17159 ill->ill_saved_ire_cnt++; 17160 mutex_exit(&ill->ill_saved_ire_lock); 17161 } 17162 } 17163 17164 /* 17165 * Remove one entry from ill_saved_ire_mp. 17166 */ 17167 void 17168 ill_remove_saved_ire(ill_t *ill, ire_t *ire) 17169 { 17170 mblk_t **mpp; 17171 mblk_t *mp; 17172 ifrt_t *ifrt; 17173 17174 /* Remove from ill_saved_ire_mp list if it is there */ 17175 mutex_enter(&ill->ill_saved_ire_lock); 17176 for (mpp = &ill->ill_saved_ire_mp; *mpp != NULL; 17177 mpp = &(*mpp)->b_cont) { 17178 in6_addr_t gw_addr_v6; 17179 17180 /* 17181 * On a given ill, the tuple of address, gateway, mask, 17182 * ire_type, and zoneid is unique for each saved IRE. 17183 */ 17184 mp = *mpp; 17185 ifrt = (ifrt_t *)mp->b_rptr; 17186 /* ire_gateway_addr_v6 can change - need lock */ 17187 mutex_enter(&ire->ire_lock); 17188 gw_addr_v6 = ire->ire_gateway_addr_v6; 17189 mutex_exit(&ire->ire_lock); 17190 17191 if (ifrt->ifrt_zoneid != ire->ire_zoneid || 17192 ifrt->ifrt_type != ire->ire_type) 17193 continue; 17194 17195 if (ill->ill_isv6 ? 17196 (IN6_ARE_ADDR_EQUAL(&ifrt->ifrt_v6addr, 17197 &ire->ire_addr_v6) && 17198 IN6_ARE_ADDR_EQUAL(&ifrt->ifrt_v6gateway_addr, 17199 &gw_addr_v6) && 17200 IN6_ARE_ADDR_EQUAL(&ifrt->ifrt_v6mask, 17201 &ire->ire_mask_v6)) : 17202 (ifrt->ifrt_addr == ire->ire_addr && 17203 ifrt->ifrt_gateway_addr == ire->ire_gateway_addr && 17204 ifrt->ifrt_mask == ire->ire_mask)) { 17205 *mpp = mp->b_cont; 17206 ill->ill_saved_ire_cnt--; 17207 freeb(mp); 17208 break; 17209 } 17210 } 17211 mutex_exit(&ill->ill_saved_ire_lock); 17212 } 17213 17214 /* 17215 * IP multirouting broadcast routes handling 17216 * Append CGTP broadcast IREs to regular ones created 17217 * at ifconfig time. 17218 * The usage is a route add <cgtp_bc> <nic_bc> -multirt i.e., both 17219 * the destination and the gateway are broadcast addresses. 17220 * The caller has verified that the destination is an IRE_BROADCAST and that 17221 * RTF_MULTIRT was set. Here if the gateway is a broadcast address, then 17222 * we create a MULTIRT IRE_BROADCAST. 17223 * Note that the IRE_HOST created by ire_rt_add doesn't get found by anything 17224 * since the IRE_BROADCAST takes precedence; ire_add_v4 does head insertion. 17225 */ 17226 static void 17227 ip_cgtp_bcast_add(ire_t *ire, ip_stack_t *ipst) 17228 { 17229 ire_t *ire_prim; 17230 17231 ASSERT(ire != NULL); 17232 17233 ire_prim = ire_ftable_lookup_v4(ire->ire_gateway_addr, 0, 0, 17234 IRE_BROADCAST, NULL, ALL_ZONES, NULL, MATCH_IRE_TYPE, 0, ipst, 17235 NULL); 17236 if (ire_prim != NULL) { 17237 /* 17238 * We are in the special case of broadcasts for 17239 * CGTP. We add an IRE_BROADCAST that holds 17240 * the RTF_MULTIRT flag, the destination 17241 * address and the low level 17242 * info of ire_prim. In other words, CGTP 17243 * broadcast is added to the redundant ipif. 17244 */ 17245 ill_t *ill_prim; 17246 ire_t *bcast_ire; 17247 17248 ill_prim = ire_prim->ire_ill; 17249 17250 ip2dbg(("ip_cgtp_filter_bcast_add: ire_prim %p, ill_prim %p\n", 17251 (void *)ire_prim, (void *)ill_prim)); 17252 17253 bcast_ire = ire_create( 17254 (uchar_t *)&ire->ire_addr, 17255 (uchar_t *)&ip_g_all_ones, 17256 (uchar_t *)&ire->ire_gateway_addr, 17257 IRE_BROADCAST, 17258 ill_prim, 17259 GLOBAL_ZONEID, /* CGTP is only for the global zone */ 17260 ire->ire_flags | RTF_KERNEL, 17261 NULL, 17262 ipst); 17263 17264 /* 17265 * Here we assume that ire_add does head insertion so that 17266 * the added IRE_BROADCAST comes before the existing IRE_HOST. 17267 */ 17268 if (bcast_ire != NULL) { 17269 if (ire->ire_flags & RTF_SETSRC) { 17270 bcast_ire->ire_setsrc_addr = 17271 ire->ire_setsrc_addr; 17272 } 17273 bcast_ire = ire_add(bcast_ire); 17274 if (bcast_ire != NULL) { 17275 ip2dbg(("ip_cgtp_filter_bcast_add: " 17276 "added bcast_ire %p\n", 17277 (void *)bcast_ire)); 17278 17279 ill_save_ire(ill_prim, bcast_ire); 17280 ire_refrele(bcast_ire); 17281 } 17282 } 17283 ire_refrele(ire_prim); 17284 } 17285 } 17286 17287 /* 17288 * IP multirouting broadcast routes handling 17289 * Remove the broadcast ire. 17290 * The usage is a route delete <cgtp_bc> <nic_bc> -multirt i.e., both 17291 * the destination and the gateway are broadcast addresses. 17292 * The caller has only verified that RTF_MULTIRT was set. We check 17293 * that the destination is broadcast and that the gateway is a broadcast 17294 * address, and if so delete the IRE added by ip_cgtp_bcast_add(). 17295 */ 17296 static void 17297 ip_cgtp_bcast_delete(ire_t *ire, ip_stack_t *ipst) 17298 { 17299 ASSERT(ire != NULL); 17300 17301 if (ip_type_v4(ire->ire_addr, ipst) == IRE_BROADCAST) { 17302 ire_t *ire_prim; 17303 17304 ire_prim = ire_ftable_lookup_v4(ire->ire_gateway_addr, 0, 0, 17305 IRE_BROADCAST, NULL, ALL_ZONES, NULL, MATCH_IRE_TYPE, 0, 17306 ipst, NULL); 17307 if (ire_prim != NULL) { 17308 ill_t *ill_prim; 17309 ire_t *bcast_ire; 17310 17311 ill_prim = ire_prim->ire_ill; 17312 17313 ip2dbg(("ip_cgtp_filter_bcast_delete: " 17314 "ire_prim %p, ill_prim %p\n", 17315 (void *)ire_prim, (void *)ill_prim)); 17316 17317 bcast_ire = ire_ftable_lookup_v4(ire->ire_addr, 0, 17318 ire->ire_gateway_addr, IRE_BROADCAST, 17319 ill_prim, ALL_ZONES, NULL, 17320 MATCH_IRE_TYPE | MATCH_IRE_GW | MATCH_IRE_ILL | 17321 MATCH_IRE_MASK, 0, ipst, NULL); 17322 17323 if (bcast_ire != NULL) { 17324 ip2dbg(("ip_cgtp_filter_bcast_delete: " 17325 "looked up bcast_ire %p\n", 17326 (void *)bcast_ire)); 17327 ill_remove_saved_ire(bcast_ire->ire_ill, 17328 bcast_ire); 17329 ire_delete(bcast_ire); 17330 ire_refrele(bcast_ire); 17331 } 17332 ire_refrele(ire_prim); 17333 } 17334 } 17335 } 17336 17337 /* 17338 * Derive an interface id from the link layer address. 17339 * Knows about IEEE 802 and IEEE EUI-64 mappings. 17340 */ 17341 static void 17342 ip_ether_v6intfid(ill_t *ill, in6_addr_t *v6addr) 17343 { 17344 char *addr; 17345 17346 /* 17347 * Note that some IPv6 interfaces get plumbed over links that claim to 17348 * be DL_ETHER, but don't actually have Ethernet MAC addresses (e.g. 17349 * PPP links). The ETHERADDRL check here ensures that we only set the 17350 * interface ID on IPv6 interfaces above links that actually have real 17351 * Ethernet addresses. 17352 */ 17353 if (ill->ill_phys_addr_length == ETHERADDRL) { 17354 /* Form EUI-64 like address */ 17355 addr = (char *)&v6addr->s6_addr32[2]; 17356 bcopy(ill->ill_phys_addr, addr, 3); 17357 addr[0] ^= 0x2; /* Toggle Universal/Local bit */ 17358 addr[3] = (char)0xff; 17359 addr[4] = (char)0xfe; 17360 bcopy(ill->ill_phys_addr + 3, addr + 5, 3); 17361 } 17362 } 17363 17364 /* ARGSUSED */ 17365 static void 17366 ip_nodef_v6intfid(ill_t *ill, in6_addr_t *v6addr) 17367 { 17368 } 17369 17370 typedef struct ipmp_ifcookie { 17371 uint32_t ic_hostid; 17372 char ic_ifname[LIFNAMSIZ]; 17373 char ic_zonename[ZONENAME_MAX]; 17374 } ipmp_ifcookie_t; 17375 17376 /* 17377 * Construct a pseudo-random interface ID for the IPMP interface that's both 17378 * predictable and (almost) guaranteed to be unique. 17379 */ 17380 static void 17381 ip_ipmp_v6intfid(ill_t *ill, in6_addr_t *v6addr) 17382 { 17383 zone_t *zp; 17384 uint8_t *addr; 17385 uchar_t hash[16]; 17386 ulong_t hostid; 17387 MD5_CTX ctx; 17388 ipmp_ifcookie_t ic = { 0 }; 17389 17390 ASSERT(IS_IPMP(ill)); 17391 17392 (void) ddi_strtoul(hw_serial, NULL, 10, &hostid); 17393 ic.ic_hostid = htonl((uint32_t)hostid); 17394 17395 (void) strlcpy(ic.ic_ifname, ill->ill_name, LIFNAMSIZ); 17396 17397 if ((zp = zone_find_by_id(ill->ill_zoneid)) != NULL) { 17398 (void) strlcpy(ic.ic_zonename, zp->zone_name, ZONENAME_MAX); 17399 zone_rele(zp); 17400 } 17401 17402 MD5Init(&ctx); 17403 MD5Update(&ctx, &ic, sizeof (ic)); 17404 MD5Final(hash, &ctx); 17405 17406 /* 17407 * Map the hash to an interface ID per the basic approach in RFC3041. 17408 */ 17409 addr = &v6addr->s6_addr8[8]; 17410 bcopy(hash + 8, addr, sizeof (uint64_t)); 17411 addr[0] &= ~0x2; /* set local bit */ 17412 } 17413 17414 /* 17415 * Map the multicast in6_addr_t in m_ip6addr to the physaddr for ethernet. 17416 */ 17417 static void 17418 ip_ether_v6_mapping(ill_t *ill, uchar_t *m_ip6addr, uchar_t *m_physaddr) 17419 { 17420 phyint_t *phyi = ill->ill_phyint; 17421 17422 /* 17423 * Check PHYI_MULTI_BCAST and length of physical 17424 * address to determine if we use the mapping or the 17425 * broadcast address. 17426 */ 17427 if ((phyi->phyint_flags & PHYI_MULTI_BCAST) != 0 || 17428 ill->ill_phys_addr_length != ETHERADDRL) { 17429 ip_mbcast_mapping(ill, m_ip6addr, m_physaddr); 17430 return; 17431 } 17432 m_physaddr[0] = 0x33; 17433 m_physaddr[1] = 0x33; 17434 m_physaddr[2] = m_ip6addr[12]; 17435 m_physaddr[3] = m_ip6addr[13]; 17436 m_physaddr[4] = m_ip6addr[14]; 17437 m_physaddr[5] = m_ip6addr[15]; 17438 } 17439 17440 /* 17441 * Map the multicast ipaddr_t in m_ipaddr to the physaddr for ethernet. 17442 */ 17443 static void 17444 ip_ether_v4_mapping(ill_t *ill, uchar_t *m_ipaddr, uchar_t *m_physaddr) 17445 { 17446 phyint_t *phyi = ill->ill_phyint; 17447 17448 /* 17449 * Check PHYI_MULTI_BCAST and length of physical 17450 * address to determine if we use the mapping or the 17451 * broadcast address. 17452 */ 17453 if ((phyi->phyint_flags & PHYI_MULTI_BCAST) != 0 || 17454 ill->ill_phys_addr_length != ETHERADDRL) { 17455 ip_mbcast_mapping(ill, m_ipaddr, m_physaddr); 17456 return; 17457 } 17458 m_physaddr[0] = 0x01; 17459 m_physaddr[1] = 0x00; 17460 m_physaddr[2] = 0x5e; 17461 m_physaddr[3] = m_ipaddr[1] & 0x7f; 17462 m_physaddr[4] = m_ipaddr[2]; 17463 m_physaddr[5] = m_ipaddr[3]; 17464 } 17465 17466 /* ARGSUSED */ 17467 static void 17468 ip_mbcast_mapping(ill_t *ill, uchar_t *m_ipaddr, uchar_t *m_physaddr) 17469 { 17470 /* 17471 * for the MULTI_BCAST case and other cases when we want to 17472 * use the link-layer broadcast address for multicast. 17473 */ 17474 uint8_t *bphys_addr; 17475 dl_unitdata_req_t *dlur; 17476 17477 dlur = (dl_unitdata_req_t *)ill->ill_bcast_mp->b_rptr; 17478 if (ill->ill_sap_length < 0) { 17479 bphys_addr = (uchar_t *)dlur + 17480 dlur->dl_dest_addr_offset; 17481 } else { 17482 bphys_addr = (uchar_t *)dlur + 17483 dlur->dl_dest_addr_offset + ill->ill_sap_length; 17484 } 17485 17486 bcopy(bphys_addr, m_physaddr, ill->ill_phys_addr_length); 17487 } 17488 17489 /* 17490 * Derive IPoIB interface id from the link layer address. 17491 */ 17492 static void 17493 ip_ib_v6intfid(ill_t *ill, in6_addr_t *v6addr) 17494 { 17495 char *addr; 17496 17497 ASSERT(ill->ill_phys_addr_length == 20); 17498 addr = (char *)&v6addr->s6_addr32[2]; 17499 bcopy(ill->ill_phys_addr + 12, addr, 8); 17500 /* 17501 * In IBA 1.1 timeframe, some vendors erroneously set the u/l bit 17502 * in the globally assigned EUI-64 GUID to 1, in violation of IEEE 17503 * rules. In these cases, the IBA considers these GUIDs to be in 17504 * "Modified EUI-64" format, and thus toggling the u/l bit is not 17505 * required; vendors are required not to assign global EUI-64's 17506 * that differ only in u/l bit values, thus guaranteeing uniqueness 17507 * of the interface identifier. Whether the GUID is in modified 17508 * or proper EUI-64 format, the ipv6 identifier must have the u/l 17509 * bit set to 1. 17510 */ 17511 addr[0] |= 2; /* Set Universal/Local bit to 1 */ 17512 } 17513 17514 /* 17515 * Map the multicast ipaddr_t in m_ipaddr to the physaddr for InfiniBand. 17516 * Note on mapping from multicast IP addresses to IPoIB multicast link 17517 * addresses. IPoIB multicast link addresses are based on IBA link addresses. 17518 * The format of an IPoIB multicast address is: 17519 * 17520 * 4 byte QPN Scope Sign. Pkey 17521 * +--------------------------------------------+ 17522 * | 00FFFFFF | FF | 1X | X01B | Pkey | GroupID | 17523 * +--------------------------------------------+ 17524 * 17525 * The Scope and Pkey components are properties of the IBA port and 17526 * network interface. They can be ascertained from the broadcast address. 17527 * The Sign. part is the signature, and is 401B for IPv4 and 601B for IPv6. 17528 */ 17529 static void 17530 ip_ib_v4_mapping(ill_t *ill, uchar_t *m_ipaddr, uchar_t *m_physaddr) 17531 { 17532 static uint8_t ipv4_g_phys_ibmulti_addr[] = { 0x00, 0xff, 0xff, 0xff, 17533 0xff, 0x10, 0x40, 0x1b, 0x00, 0x00, 0x00, 0x00, 17534 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; 17535 uint8_t *bphys_addr; 17536 dl_unitdata_req_t *dlur; 17537 17538 bcopy(ipv4_g_phys_ibmulti_addr, m_physaddr, ill->ill_phys_addr_length); 17539 17540 /* 17541 * RFC 4391: IPv4 MGID is 28-bit long. 17542 */ 17543 m_physaddr[16] = m_ipaddr[0] & 0x0f; 17544 m_physaddr[17] = m_ipaddr[1]; 17545 m_physaddr[18] = m_ipaddr[2]; 17546 m_physaddr[19] = m_ipaddr[3]; 17547 17548 17549 dlur = (dl_unitdata_req_t *)ill->ill_bcast_mp->b_rptr; 17550 if (ill->ill_sap_length < 0) { 17551 bphys_addr = (uchar_t *)dlur + dlur->dl_dest_addr_offset; 17552 } else { 17553 bphys_addr = (uchar_t *)dlur + dlur->dl_dest_addr_offset + 17554 ill->ill_sap_length; 17555 } 17556 /* 17557 * Now fill in the IBA scope/Pkey values from the broadcast address. 17558 */ 17559 m_physaddr[5] = bphys_addr[5]; 17560 m_physaddr[8] = bphys_addr[8]; 17561 m_physaddr[9] = bphys_addr[9]; 17562 } 17563 17564 static void 17565 ip_ib_v6_mapping(ill_t *ill, uchar_t *m_ipaddr, uchar_t *m_physaddr) 17566 { 17567 static uint8_t ipv4_g_phys_ibmulti_addr[] = { 0x00, 0xff, 0xff, 0xff, 17568 0xff, 0x10, 0x60, 0x1b, 0x00, 0x00, 0x00, 0x00, 17569 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; 17570 uint8_t *bphys_addr; 17571 dl_unitdata_req_t *dlur; 17572 17573 bcopy(ipv4_g_phys_ibmulti_addr, m_physaddr, ill->ill_phys_addr_length); 17574 17575 /* 17576 * RFC 4391: IPv4 MGID is 80-bit long. 17577 */ 17578 bcopy(&m_ipaddr[6], &m_physaddr[10], 10); 17579 17580 dlur = (dl_unitdata_req_t *)ill->ill_bcast_mp->b_rptr; 17581 if (ill->ill_sap_length < 0) { 17582 bphys_addr = (uchar_t *)dlur + dlur->dl_dest_addr_offset; 17583 } else { 17584 bphys_addr = (uchar_t *)dlur + dlur->dl_dest_addr_offset + 17585 ill->ill_sap_length; 17586 } 17587 /* 17588 * Now fill in the IBA scope/Pkey values from the broadcast address. 17589 */ 17590 m_physaddr[5] = bphys_addr[5]; 17591 m_physaddr[8] = bphys_addr[8]; 17592 m_physaddr[9] = bphys_addr[9]; 17593 } 17594 17595 /* 17596 * Derive IPv6 interface id from an IPv4 link-layer address (e.g. from an IPv4 17597 * tunnel). The IPv4 address simply get placed in the lower 4 bytes of the 17598 * IPv6 interface id. This is a suggested mechanism described in section 3.7 17599 * of RFC4213. 17600 */ 17601 static void 17602 ip_ipv4_genv6intfid(ill_t *ill, uint8_t *physaddr, in6_addr_t *v6addr) 17603 { 17604 ASSERT(ill->ill_phys_addr_length == sizeof (ipaddr_t)); 17605 v6addr->s6_addr32[2] = 0; 17606 bcopy(physaddr, &v6addr->s6_addr32[3], sizeof (ipaddr_t)); 17607 } 17608 17609 /* 17610 * Derive IPv6 interface id from an IPv6 link-layer address (e.g. from an IPv6 17611 * tunnel). The lower 8 bytes of the IPv6 address simply become the interface 17612 * id. 17613 */ 17614 static void 17615 ip_ipv6_genv6intfid(ill_t *ill, uint8_t *physaddr, in6_addr_t *v6addr) 17616 { 17617 in6_addr_t *v6lladdr = (in6_addr_t *)physaddr; 17618 17619 ASSERT(ill->ill_phys_addr_length == sizeof (in6_addr_t)); 17620 bcopy(&v6lladdr->s6_addr32[2], &v6addr->s6_addr32[2], 8); 17621 } 17622 17623 static void 17624 ip_ipv6_v6intfid(ill_t *ill, in6_addr_t *v6addr) 17625 { 17626 ip_ipv6_genv6intfid(ill, ill->ill_phys_addr, v6addr); 17627 } 17628 17629 static void 17630 ip_ipv6_v6destintfid(ill_t *ill, in6_addr_t *v6addr) 17631 { 17632 ip_ipv6_genv6intfid(ill, ill->ill_dest_addr, v6addr); 17633 } 17634 17635 static void 17636 ip_ipv4_v6intfid(ill_t *ill, in6_addr_t *v6addr) 17637 { 17638 ip_ipv4_genv6intfid(ill, ill->ill_phys_addr, v6addr); 17639 } 17640 17641 static void 17642 ip_ipv4_v6destintfid(ill_t *ill, in6_addr_t *v6addr) 17643 { 17644 ip_ipv4_genv6intfid(ill, ill->ill_dest_addr, v6addr); 17645 } 17646 17647 /* 17648 * Lookup an ill and verify that the zoneid has an ipif on that ill. 17649 * Returns an held ill, or NULL. 17650 */ 17651 ill_t * 17652 ill_lookup_on_ifindex_zoneid(uint_t index, zoneid_t zoneid, boolean_t isv6, 17653 ip_stack_t *ipst) 17654 { 17655 ill_t *ill; 17656 ipif_t *ipif; 17657 17658 ill = ill_lookup_on_ifindex(index, isv6, ipst); 17659 if (ill == NULL) 17660 return (NULL); 17661 17662 mutex_enter(&ill->ill_lock); 17663 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 17664 if (IPIF_IS_CONDEMNED(ipif)) 17665 continue; 17666 if (zoneid != ALL_ZONES && ipif->ipif_zoneid != zoneid && 17667 ipif->ipif_zoneid != ALL_ZONES) 17668 continue; 17669 17670 mutex_exit(&ill->ill_lock); 17671 return (ill); 17672 } 17673 mutex_exit(&ill->ill_lock); 17674 ill_refrele(ill); 17675 return (NULL); 17676 } 17677 17678 /* 17679 * Return a pointer to an ipif_t given a combination of (ill_idx,ipif_id) 17680 * If a pointer to an ipif_t is returned then the caller will need to do 17681 * an ill_refrele(). 17682 */ 17683 ipif_t * 17684 ipif_getby_indexes(uint_t ifindex, uint_t lifidx, boolean_t isv6, 17685 ip_stack_t *ipst) 17686 { 17687 ipif_t *ipif; 17688 ill_t *ill; 17689 17690 ill = ill_lookup_on_ifindex(ifindex, isv6, ipst); 17691 if (ill == NULL) 17692 return (NULL); 17693 17694 mutex_enter(&ill->ill_lock); 17695 if (ill->ill_state_flags & ILL_CONDEMNED) { 17696 mutex_exit(&ill->ill_lock); 17697 ill_refrele(ill); 17698 return (NULL); 17699 } 17700 17701 for (ipif = ill->ill_ipif; ipif != NULL; ipif = ipif->ipif_next) { 17702 if (!IPIF_CAN_LOOKUP(ipif)) 17703 continue; 17704 if (lifidx == ipif->ipif_id) { 17705 ipif_refhold_locked(ipif); 17706 break; 17707 } 17708 } 17709 17710 mutex_exit(&ill->ill_lock); 17711 ill_refrele(ill); 17712 return (ipif); 17713 } 17714 17715 /* 17716 * Set ill_inputfn based on the current know state. 17717 * This needs to be called when any of the factors taken into 17718 * account changes. 17719 */ 17720 void 17721 ill_set_inputfn(ill_t *ill) 17722 { 17723 ip_stack_t *ipst = ill->ill_ipst; 17724 17725 if (ill->ill_isv6) { 17726 if (is_system_labeled()) 17727 ill->ill_inputfn = ill_input_full_v6; 17728 else 17729 ill->ill_inputfn = ill_input_short_v6; 17730 } else { 17731 if (is_system_labeled()) 17732 ill->ill_inputfn = ill_input_full_v4; 17733 else if (ill->ill_dhcpinit != 0) 17734 ill->ill_inputfn = ill_input_full_v4; 17735 else if (ipst->ips_ipcl_proto_fanout_v4[IPPROTO_RSVP].connf_head 17736 != NULL) 17737 ill->ill_inputfn = ill_input_full_v4; 17738 else if (ipst->ips_ip_cgtp_filter && 17739 ipst->ips_ip_cgtp_filter_ops != NULL) 17740 ill->ill_inputfn = ill_input_full_v4; 17741 else 17742 ill->ill_inputfn = ill_input_short_v4; 17743 } 17744 } 17745 17746 /* 17747 * Re-evaluate ill_inputfn for all the IPv4 ills. 17748 * Used when RSVP and CGTP comes and goes. 17749 */ 17750 void 17751 ill_set_inputfn_all(ip_stack_t *ipst) 17752 { 17753 ill_walk_context_t ctx; 17754 ill_t *ill; 17755 17756 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 17757 ill = ILL_START_WALK_V4(&ctx, ipst); 17758 for (; ill != NULL; ill = ill_next(&ctx, ill)) 17759 ill_set_inputfn(ill); 17760 17761 rw_exit(&ipst->ips_ill_g_lock); 17762 } 17763 17764 /* 17765 * Set the physical address information for `ill' to the contents of the 17766 * dl_notify_ind_t pointed to by `mp'. Must be called as writer, and will be 17767 * asynchronous if `ill' cannot immediately be quiesced -- in which case 17768 * EINPROGRESS will be returned. 17769 */ 17770 int 17771 ill_set_phys_addr(ill_t *ill, mblk_t *mp) 17772 { 17773 ipsq_t *ipsq = ill->ill_phyint->phyint_ipsq; 17774 dl_notify_ind_t *dlindp = (dl_notify_ind_t *)mp->b_rptr; 17775 17776 ASSERT(IAM_WRITER_IPSQ(ipsq)); 17777 17778 if (dlindp->dl_data != DL_IPV6_LINK_LAYER_ADDR && 17779 dlindp->dl_data != DL_CURR_DEST_ADDR && 17780 dlindp->dl_data != DL_CURR_PHYS_ADDR) { 17781 /* Changing DL_IPV6_TOKEN is not yet supported */ 17782 return (0); 17783 } 17784 17785 /* 17786 * We need to store up to two copies of `mp' in `ill'. Due to the 17787 * design of ipsq_pending_mp_add(), we can't pass them as separate 17788 * arguments to ill_set_phys_addr_tail(). Instead, chain them 17789 * together here, then pull 'em apart in ill_set_phys_addr_tail(). 17790 */ 17791 if ((mp = copyb(mp)) == NULL || (mp->b_cont = copyb(mp)) == NULL) { 17792 freemsg(mp); 17793 return (ENOMEM); 17794 } 17795 17796 ipsq_current_start(ipsq, ill->ill_ipif, 0); 17797 17798 /* 17799 * Since we'll only do a logical down, we can't rely on ipif_down 17800 * to turn on ILL_DOWN_IN_PROGRESS, or for the DL_BIND_ACK to reset 17801 * ILL_DOWN_IN_PROGRESS. We instead manage this separately for this 17802 * case, to quiesce ire's and nce's for ill_is_quiescent. 17803 */ 17804 mutex_enter(&ill->ill_lock); 17805 ill->ill_state_flags |= ILL_DOWN_IN_PROGRESS; 17806 /* no more ire/nce addition allowed */ 17807 mutex_exit(&ill->ill_lock); 17808 17809 /* 17810 * If we can quiesce the ill, then set the address. If not, then 17811 * ill_set_phys_addr_tail() will be called from ipif_ill_refrele_tail(). 17812 */ 17813 ill_down_ipifs(ill, B_TRUE); 17814 mutex_enter(&ill->ill_lock); 17815 if (!ill_is_quiescent(ill)) { 17816 /* call cannot fail since `conn_t *' argument is NULL */ 17817 (void) ipsq_pending_mp_add(NULL, ill->ill_ipif, ill->ill_rq, 17818 mp, ILL_DOWN); 17819 mutex_exit(&ill->ill_lock); 17820 return (EINPROGRESS); 17821 } 17822 mutex_exit(&ill->ill_lock); 17823 17824 ill_set_phys_addr_tail(ipsq, ill->ill_rq, mp, NULL); 17825 return (0); 17826 } 17827 17828 /* 17829 * When the allowed-ips link property is set on the datalink, IP receives a 17830 * DL_NOTE_ALLOWED_IPS notification that is processed in ill_set_allowed_ips() 17831 * to initialize the ill_allowed_ips[] array in the ill_t. This array is then 17832 * used to vet addresses passed to ip_sioctl_addr() and to ensure that the 17833 * only IP addresses configured on the ill_t are those in the ill_allowed_ips[] 17834 * array. 17835 */ 17836 void 17837 ill_set_allowed_ips(ill_t *ill, mblk_t *mp) 17838 { 17839 ipsq_t *ipsq = ill->ill_phyint->phyint_ipsq; 17840 dl_notify_ind_t *dlip = (dl_notify_ind_t *)mp->b_rptr; 17841 mac_protect_t *mrp; 17842 int i; 17843 17844 ASSERT(IAM_WRITER_IPSQ(ipsq)); 17845 mrp = (mac_protect_t *)&dlip[1]; 17846 17847 if (mrp->mp_ipaddrcnt == 0) { /* reset allowed-ips */ 17848 kmem_free(ill->ill_allowed_ips, 17849 ill->ill_allowed_ips_cnt * sizeof (in6_addr_t)); 17850 ill->ill_allowed_ips_cnt = 0; 17851 ill->ill_allowed_ips = NULL; 17852 mutex_enter(&ill->ill_phyint->phyint_lock); 17853 ill->ill_phyint->phyint_flags &= ~PHYI_L3PROTECT; 17854 mutex_exit(&ill->ill_phyint->phyint_lock); 17855 return; 17856 } 17857 17858 if (ill->ill_allowed_ips != NULL) { 17859 kmem_free(ill->ill_allowed_ips, 17860 ill->ill_allowed_ips_cnt * sizeof (in6_addr_t)); 17861 } 17862 ill->ill_allowed_ips_cnt = mrp->mp_ipaddrcnt; 17863 ill->ill_allowed_ips = kmem_alloc( 17864 ill->ill_allowed_ips_cnt * sizeof (in6_addr_t), KM_SLEEP); 17865 for (i = 0; i < mrp->mp_ipaddrcnt; i++) 17866 ill->ill_allowed_ips[i] = mrp->mp_ipaddrs[i].ip_addr; 17867 17868 mutex_enter(&ill->ill_phyint->phyint_lock); 17869 ill->ill_phyint->phyint_flags |= PHYI_L3PROTECT; 17870 mutex_exit(&ill->ill_phyint->phyint_lock); 17871 } 17872 17873 /* 17874 * Once the ill associated with `q' has quiesced, set its physical address 17875 * information to the values in `addrmp'. Note that two copies of `addrmp' 17876 * are passed (linked by b_cont), since we sometimes need to save two distinct 17877 * copies in the ill_t, and our context doesn't permit sleeping or allocation 17878 * failure (we'll free the other copy if it's not needed). Since the ill_t 17879 * is quiesced, we know any stale nce's with the old address information have 17880 * already been removed, so we don't need to call nce_flush(). 17881 */ 17882 /* ARGSUSED */ 17883 static void 17884 ill_set_phys_addr_tail(ipsq_t *ipsq, queue_t *q, mblk_t *addrmp, void *dummy) 17885 { 17886 ill_t *ill = q->q_ptr; 17887 mblk_t *addrmp2 = unlinkb(addrmp); 17888 dl_notify_ind_t *dlindp = (dl_notify_ind_t *)addrmp->b_rptr; 17889 uint_t addrlen, addroff; 17890 int status; 17891 17892 ASSERT(IAM_WRITER_IPSQ(ipsq)); 17893 17894 addroff = dlindp->dl_addr_offset; 17895 addrlen = dlindp->dl_addr_length - ABS(ill->ill_sap_length); 17896 17897 switch (dlindp->dl_data) { 17898 case DL_IPV6_LINK_LAYER_ADDR: 17899 ill_set_ndmp(ill, addrmp, addroff, addrlen); 17900 freemsg(addrmp2); 17901 break; 17902 17903 case DL_CURR_DEST_ADDR: 17904 freemsg(ill->ill_dest_addr_mp); 17905 ill->ill_dest_addr = addrmp->b_rptr + addroff; 17906 ill->ill_dest_addr_mp = addrmp; 17907 if (ill->ill_isv6) { 17908 ill_setdesttoken(ill); 17909 ipif_setdestlinklocal(ill->ill_ipif); 17910 } 17911 freemsg(addrmp2); 17912 break; 17913 17914 case DL_CURR_PHYS_ADDR: 17915 freemsg(ill->ill_phys_addr_mp); 17916 ill->ill_phys_addr = addrmp->b_rptr + addroff; 17917 ill->ill_phys_addr_mp = addrmp; 17918 ill->ill_phys_addr_length = addrlen; 17919 if (ill->ill_isv6) 17920 ill_set_ndmp(ill, addrmp2, addroff, addrlen); 17921 else 17922 freemsg(addrmp2); 17923 if (ill->ill_isv6) { 17924 ill_setdefaulttoken(ill); 17925 ipif_setlinklocal(ill->ill_ipif); 17926 } 17927 break; 17928 default: 17929 ASSERT(0); 17930 } 17931 17932 /* 17933 * reset ILL_DOWN_IN_PROGRESS so that we can successfully add ires 17934 * as we bring the ipifs up again. 17935 */ 17936 mutex_enter(&ill->ill_lock); 17937 ill->ill_state_flags &= ~ILL_DOWN_IN_PROGRESS; 17938 mutex_exit(&ill->ill_lock); 17939 /* 17940 * If there are ipifs to bring up, ill_up_ipifs() will return 17941 * EINPROGRESS, and ipsq_current_finish() will be called by 17942 * ip_rput_dlpi_writer() or arp_bringup_done() when the last ipif is 17943 * brought up. 17944 */ 17945 status = ill_up_ipifs(ill, q, addrmp); 17946 if (status != EINPROGRESS) 17947 ipsq_current_finish(ipsq); 17948 } 17949 17950 /* 17951 * Helper routine for setting the ill_nd_lla fields. 17952 */ 17953 void 17954 ill_set_ndmp(ill_t *ill, mblk_t *ndmp, uint_t addroff, uint_t addrlen) 17955 { 17956 freemsg(ill->ill_nd_lla_mp); 17957 ill->ill_nd_lla = ndmp->b_rptr + addroff; 17958 ill->ill_nd_lla_mp = ndmp; 17959 ill->ill_nd_lla_len = addrlen; 17960 } 17961 17962 /* 17963 * Replumb the ill. 17964 */ 17965 int 17966 ill_replumb(ill_t *ill, mblk_t *mp) 17967 { 17968 ipsq_t *ipsq = ill->ill_phyint->phyint_ipsq; 17969 17970 ASSERT(IAM_WRITER_IPSQ(ipsq)); 17971 17972 ipsq_current_start(ipsq, ill->ill_ipif, 0); 17973 17974 /* 17975 * If we can quiesce the ill, then continue. If not, then 17976 * ill_replumb_tail() will be called from ipif_ill_refrele_tail(). 17977 */ 17978 ill_down_ipifs(ill, B_FALSE); 17979 17980 mutex_enter(&ill->ill_lock); 17981 if (!ill_is_quiescent(ill)) { 17982 /* call cannot fail since `conn_t *' argument is NULL */ 17983 (void) ipsq_pending_mp_add(NULL, ill->ill_ipif, ill->ill_rq, 17984 mp, ILL_DOWN); 17985 mutex_exit(&ill->ill_lock); 17986 return (EINPROGRESS); 17987 } 17988 mutex_exit(&ill->ill_lock); 17989 17990 ill_replumb_tail(ipsq, ill->ill_rq, mp, NULL); 17991 return (0); 17992 } 17993 17994 /* ARGSUSED */ 17995 static void 17996 ill_replumb_tail(ipsq_t *ipsq, queue_t *q, mblk_t *mp, void *dummy) 17997 { 17998 ill_t *ill = q->q_ptr; 17999 int err; 18000 conn_t *connp = NULL; 18001 18002 ASSERT(IAM_WRITER_IPSQ(ipsq)); 18003 freemsg(ill->ill_replumb_mp); 18004 ill->ill_replumb_mp = copyb(mp); 18005 18006 if (ill->ill_replumb_mp == NULL) { 18007 /* out of memory */ 18008 ipsq_current_finish(ipsq); 18009 return; 18010 } 18011 18012 mutex_enter(&ill->ill_lock); 18013 ill->ill_up_ipifs = ipsq_pending_mp_add(NULL, ill->ill_ipif, 18014 ill->ill_rq, ill->ill_replumb_mp, 0); 18015 mutex_exit(&ill->ill_lock); 18016 18017 if (!ill->ill_up_ipifs) { 18018 /* already closing */ 18019 ipsq_current_finish(ipsq); 18020 return; 18021 } 18022 ill->ill_replumbing = 1; 18023 err = ill_down_ipifs_tail(ill); 18024 18025 /* 18026 * Successfully quiesced and brought down the interface, now we send 18027 * the DL_NOTE_REPLUMB_DONE message down to the driver. Reuse the 18028 * DL_NOTE_REPLUMB message. 18029 */ 18030 mp = mexchange(NULL, mp, sizeof (dl_notify_conf_t), M_PROTO, 18031 DL_NOTIFY_CONF); 18032 ASSERT(mp != NULL); 18033 ((dl_notify_conf_t *)mp->b_rptr)->dl_notification = 18034 DL_NOTE_REPLUMB_DONE; 18035 ill_dlpi_send(ill, mp); 18036 18037 /* 18038 * For IPv4, we would usually get EINPROGRESS because the ETHERTYPE_ARP 18039 * streams have to be unbound. When all the DLPI exchanges are done, 18040 * ipsq_current_finish() will be called by arp_bringup_done(). The 18041 * remainder of ipif bringup via ill_up_ipifs() will also be done in 18042 * arp_bringup_done(). 18043 */ 18044 ASSERT(ill->ill_replumb_mp != NULL); 18045 if (err == EINPROGRESS) 18046 return; 18047 else 18048 ill->ill_replumb_mp = ipsq_pending_mp_get(ipsq, &connp); 18049 ASSERT(connp == NULL); 18050 if (err == 0 && ill->ill_replumb_mp != NULL && 18051 ill_up_ipifs(ill, q, ill->ill_replumb_mp) == EINPROGRESS) { 18052 return; 18053 } 18054 ipsq_current_finish(ipsq); 18055 } 18056 18057 /* 18058 * Issue ioctl `cmd' on `lh'; caller provides the initial payload in `buf' 18059 * which is `bufsize' bytes. On success, zero is returned and `buf' updated 18060 * as per the ioctl. On failure, an errno is returned. 18061 */ 18062 static int 18063 ip_ioctl(ldi_handle_t lh, int cmd, void *buf, uint_t bufsize, cred_t *cr) 18064 { 18065 int rval; 18066 struct strioctl iocb; 18067 18068 iocb.ic_cmd = cmd; 18069 iocb.ic_timout = 15; 18070 iocb.ic_len = bufsize; 18071 iocb.ic_dp = buf; 18072 18073 return (ldi_ioctl(lh, I_STR, (intptr_t)&iocb, FKIOCTL, cr, &rval)); 18074 } 18075 18076 /* 18077 * Issue an SIOCGLIFCONF for address family `af' and store the result into a 18078 * dynamically-allocated `lifcp' that will be `bufsizep' bytes on success. 18079 */ 18080 static int 18081 ip_lifconf_ioctl(ldi_handle_t lh, int af, struct lifconf *lifcp, 18082 uint_t *bufsizep, cred_t *cr) 18083 { 18084 int err; 18085 struct lifnum lifn; 18086 18087 bzero(&lifn, sizeof (lifn)); 18088 lifn.lifn_family = af; 18089 lifn.lifn_flags = LIFC_UNDER_IPMP; 18090 18091 if ((err = ip_ioctl(lh, SIOCGLIFNUM, &lifn, sizeof (lifn), cr)) != 0) 18092 return (err); 18093 18094 /* 18095 * Pad the interface count to account for additional interfaces that 18096 * may have been configured between the SIOCGLIFNUM and SIOCGLIFCONF. 18097 */ 18098 lifn.lifn_count += 4; 18099 bzero(lifcp, sizeof (*lifcp)); 18100 lifcp->lifc_flags = LIFC_UNDER_IPMP; 18101 lifcp->lifc_family = af; 18102 lifcp->lifc_len = *bufsizep = lifn.lifn_count * sizeof (struct lifreq); 18103 lifcp->lifc_buf = kmem_zalloc(*bufsizep, KM_SLEEP); 18104 18105 err = ip_ioctl(lh, SIOCGLIFCONF, lifcp, sizeof (*lifcp), cr); 18106 if (err != 0) { 18107 kmem_free(lifcp->lifc_buf, *bufsizep); 18108 return (err); 18109 } 18110 18111 return (0); 18112 } 18113 18114 /* 18115 * Helper for ip_interface_cleanup() that removes the loopback interface. 18116 */ 18117 static void 18118 ip_loopback_removeif(ldi_handle_t lh, boolean_t isv6, cred_t *cr) 18119 { 18120 int err; 18121 struct lifreq lifr; 18122 18123 bzero(&lifr, sizeof (lifr)); 18124 (void) strcpy(lifr.lifr_name, ipif_loopback_name); 18125 18126 /* 18127 * Attempt to remove the interface. It may legitimately not exist 18128 * (e.g. the zone administrator unplumbed it), so ignore ENXIO. 18129 */ 18130 err = ip_ioctl(lh, SIOCLIFREMOVEIF, &lifr, sizeof (lifr), cr); 18131 if (err != 0 && err != ENXIO) { 18132 ip0dbg(("ip_loopback_removeif: IP%s SIOCLIFREMOVEIF failed: " 18133 "error %d\n", isv6 ? "v6" : "v4", err)); 18134 } 18135 } 18136 18137 /* 18138 * Helper for ip_interface_cleanup() that ensures no IP interfaces are in IPMP 18139 * groups and that IPMP data addresses are down. These conditions must be met 18140 * so that IPMP interfaces can be I_PUNLINK'd, as per ip_sioctl_plink_ipmp(). 18141 */ 18142 static void 18143 ip_ipmp_cleanup(ldi_handle_t lh, boolean_t isv6, cred_t *cr) 18144 { 18145 int af = isv6 ? AF_INET6 : AF_INET; 18146 int i, nifs; 18147 int err; 18148 uint_t bufsize; 18149 uint_t lifrsize = sizeof (struct lifreq); 18150 struct lifconf lifc; 18151 struct lifreq *lifrp; 18152 18153 if ((err = ip_lifconf_ioctl(lh, af, &lifc, &bufsize, cr)) != 0) { 18154 cmn_err(CE_WARN, "ip_ipmp_cleanup: cannot get interface list " 18155 "(error %d); any IPMP interfaces cannot be shutdown", err); 18156 return; 18157 } 18158 18159 nifs = lifc.lifc_len / lifrsize; 18160 for (lifrp = lifc.lifc_req, i = 0; i < nifs; i++, lifrp++) { 18161 err = ip_ioctl(lh, SIOCGLIFFLAGS, lifrp, lifrsize, cr); 18162 if (err != 0) { 18163 cmn_err(CE_WARN, "ip_ipmp_cleanup: %s: cannot get " 18164 "flags: error %d", lifrp->lifr_name, err); 18165 continue; 18166 } 18167 18168 if (lifrp->lifr_flags & IFF_IPMP) { 18169 if ((lifrp->lifr_flags & (IFF_UP|IFF_DUPLICATE)) == 0) 18170 continue; 18171 18172 lifrp->lifr_flags &= ~IFF_UP; 18173 err = ip_ioctl(lh, SIOCSLIFFLAGS, lifrp, lifrsize, cr); 18174 if (err != 0) { 18175 cmn_err(CE_WARN, "ip_ipmp_cleanup: %s: cannot " 18176 "bring down (error %d); IPMP interface may " 18177 "not be shutdown", lifrp->lifr_name, err); 18178 } 18179 18180 /* 18181 * Check if IFF_DUPLICATE is still set -- and if so, 18182 * reset the address to clear it. 18183 */ 18184 err = ip_ioctl(lh, SIOCGLIFFLAGS, lifrp, lifrsize, cr); 18185 if (err != 0 || !(lifrp->lifr_flags & IFF_DUPLICATE)) 18186 continue; 18187 18188 err = ip_ioctl(lh, SIOCGLIFADDR, lifrp, lifrsize, cr); 18189 if (err != 0 || (err = ip_ioctl(lh, SIOCGLIFADDR, 18190 lifrp, lifrsize, cr)) != 0) { 18191 cmn_err(CE_WARN, "ip_ipmp_cleanup: %s: cannot " 18192 "reset DAD (error %d); IPMP interface may " 18193 "not be shutdown", lifrp->lifr_name, err); 18194 } 18195 continue; 18196 } 18197 18198 if (strchr(lifrp->lifr_name, IPIF_SEPARATOR_CHAR) == 0) { 18199 lifrp->lifr_groupname[0] = '\0'; 18200 if ((err = ip_ioctl(lh, SIOCSLIFGROUPNAME, lifrp, 18201 lifrsize, cr)) != 0) { 18202 cmn_err(CE_WARN, "ip_ipmp_cleanup: %s: cannot " 18203 "leave IPMP group (error %d); associated " 18204 "IPMP interface may not be shutdown", 18205 lifrp->lifr_name, err); 18206 continue; 18207 } 18208 } 18209 } 18210 18211 kmem_free(lifc.lifc_buf, bufsize); 18212 } 18213 18214 #define UDPDEV "/devices/pseudo/udp@0:udp" 18215 #define UDP6DEV "/devices/pseudo/udp6@0:udp6" 18216 18217 /* 18218 * Remove the loopback interfaces and prep the IPMP interfaces to be torn down. 18219 * Non-loopback interfaces are either I_LINK'd or I_PLINK'd; the former go away 18220 * when the user-level processes in the zone are killed and the latter are 18221 * cleaned up by str_stack_shutdown(). 18222 */ 18223 void 18224 ip_interface_cleanup(ip_stack_t *ipst) 18225 { 18226 ldi_handle_t lh; 18227 ldi_ident_t li; 18228 cred_t *cr; 18229 int err; 18230 int i; 18231 char *devs[] = { UDP6DEV, UDPDEV }; 18232 netstackid_t stackid = ipst->ips_netstack->netstack_stackid; 18233 18234 if ((err = ldi_ident_from_major(ddi_name_to_major("ip"), &li)) != 0) { 18235 cmn_err(CE_WARN, "ip_interface_cleanup: cannot get ldi ident:" 18236 " error %d", err); 18237 return; 18238 } 18239 18240 cr = zone_get_kcred(netstackid_to_zoneid(stackid)); 18241 ASSERT(cr != NULL); 18242 18243 /* 18244 * NOTE: loop executes exactly twice and is hardcoded to know that the 18245 * first iteration is IPv6. (Unrolling yields repetitious code, hence 18246 * the loop.) 18247 */ 18248 for (i = 0; i < 2; i++) { 18249 err = ldi_open_by_name(devs[i], FREAD|FWRITE, cr, &lh, li); 18250 if (err != 0) { 18251 cmn_err(CE_WARN, "ip_interface_cleanup: cannot open %s:" 18252 " error %d", devs[i], err); 18253 continue; 18254 } 18255 18256 ip_loopback_removeif(lh, i == 0, cr); 18257 ip_ipmp_cleanup(lh, i == 0, cr); 18258 18259 (void) ldi_close(lh, FREAD|FWRITE, cr); 18260 } 18261 18262 ldi_ident_release(li); 18263 crfree(cr); 18264 } 18265 18266 /* 18267 * This needs to be in-sync with nic_event_t definition 18268 */ 18269 static const char * 18270 ill_hook_event2str(nic_event_t event) 18271 { 18272 switch (event) { 18273 case NE_PLUMB: 18274 return ("PLUMB"); 18275 case NE_UNPLUMB: 18276 return ("UNPLUMB"); 18277 case NE_UP: 18278 return ("UP"); 18279 case NE_DOWN: 18280 return ("DOWN"); 18281 case NE_ADDRESS_CHANGE: 18282 return ("ADDRESS_CHANGE"); 18283 case NE_LIF_UP: 18284 return ("LIF_UP"); 18285 case NE_LIF_DOWN: 18286 return ("LIF_DOWN"); 18287 case NE_IFINDEX_CHANGE: 18288 return ("IFINDEX_CHANGE"); 18289 default: 18290 return ("UNKNOWN"); 18291 } 18292 } 18293 18294 void 18295 ill_nic_event_dispatch(ill_t *ill, lif_if_t lif, nic_event_t event, 18296 nic_event_data_t data, size_t datalen) 18297 { 18298 ip_stack_t *ipst = ill->ill_ipst; 18299 hook_nic_event_int_t *info; 18300 const char *str = NULL; 18301 18302 /* create a new nic event info */ 18303 if ((info = kmem_alloc(sizeof (*info), KM_NOSLEEP)) == NULL) 18304 goto fail; 18305 18306 info->hnei_event.hne_nic = ill->ill_phyint->phyint_ifindex; 18307 info->hnei_event.hne_lif = lif; 18308 info->hnei_event.hne_event = event; 18309 info->hnei_event.hne_protocol = ill->ill_isv6 ? 18310 ipst->ips_ipv6_net_data : ipst->ips_ipv4_net_data; 18311 info->hnei_event.hne_data = NULL; 18312 info->hnei_event.hne_datalen = 0; 18313 info->hnei_stackid = ipst->ips_netstack->netstack_stackid; 18314 18315 if (data != NULL && datalen != 0) { 18316 info->hnei_event.hne_data = kmem_alloc(datalen, KM_NOSLEEP); 18317 if (info->hnei_event.hne_data == NULL) 18318 goto fail; 18319 bcopy(data, info->hnei_event.hne_data, datalen); 18320 info->hnei_event.hne_datalen = datalen; 18321 } 18322 18323 if (ddi_taskq_dispatch(eventq_queue_nic, ip_ne_queue_func, info, 18324 DDI_NOSLEEP) == DDI_SUCCESS) 18325 return; 18326 18327 fail: 18328 if (info != NULL) { 18329 if (info->hnei_event.hne_data != NULL) { 18330 kmem_free(info->hnei_event.hne_data, 18331 info->hnei_event.hne_datalen); 18332 } 18333 kmem_free(info, sizeof (hook_nic_event_t)); 18334 } 18335 str = ill_hook_event2str(event); 18336 ip2dbg(("ill_nic_event_dispatch: could not dispatch %s nic event " 18337 "information for %s (ENOMEM)\n", str, ill->ill_name)); 18338 } 18339 18340 static int 18341 ipif_arp_up_done_tail(ipif_t *ipif, enum ip_resolver_action res_act) 18342 { 18343 int err = 0; 18344 const in_addr_t *addr = NULL; 18345 nce_t *nce = NULL; 18346 ill_t *ill = ipif->ipif_ill; 18347 ill_t *bound_ill; 18348 boolean_t added_ipif = B_FALSE; 18349 uint16_t state; 18350 uint16_t flags; 18351 18352 DTRACE_PROBE3(ipif__downup, char *, "ipif_arp_up_done_tail", 18353 ill_t *, ill, ipif_t *, ipif); 18354 if (ipif->ipif_lcl_addr != INADDR_ANY) { 18355 addr = &ipif->ipif_lcl_addr; 18356 } 18357 18358 if ((ipif->ipif_flags & IPIF_UNNUMBERED) || addr == NULL) { 18359 if (res_act != Res_act_initial) 18360 return (EINVAL); 18361 } 18362 18363 if (addr != NULL) { 18364 ipmp_illgrp_t *illg = ill->ill_grp; 18365 18366 /* add unicast nce for the local addr */ 18367 18368 if (IS_IPMP(ill)) { 18369 /* 18370 * If we're here via ipif_up(), then the ipif 18371 * won't be bound yet -- add it to the group, 18372 * which will bind it if possible. (We would 18373 * add it in ipif_up(), but deleting on failure 18374 * there is gruesome.) If we're here via 18375 * ipmp_ill_bind_ipif(), then the ipif has 18376 * already been added to the group and we 18377 * just need to use the binding. 18378 */ 18379 if ((bound_ill = ipmp_ipif_bound_ill(ipif)) == NULL) { 18380 bound_ill = ipmp_illgrp_add_ipif(illg, ipif); 18381 if (bound_ill == NULL) { 18382 /* 18383 * We couldn't bind the ipif to an ill 18384 * yet, so we have nothing to publish. 18385 * Mark the address as ready and return. 18386 */ 18387 ipif->ipif_addr_ready = 1; 18388 return (0); 18389 } 18390 added_ipif = B_TRUE; 18391 } 18392 } else { 18393 bound_ill = ill; 18394 } 18395 18396 flags = (NCE_F_MYADDR | NCE_F_PUBLISH | NCE_F_AUTHORITY | 18397 NCE_F_NONUD); 18398 /* 18399 * If this is an initial bring-up (or the ipif was never 18400 * completely brought up), do DAD. Otherwise, we're here 18401 * because IPMP has rebound an address to this ill: send 18402 * unsolicited advertisements (ARP announcements) to 18403 * inform others. 18404 */ 18405 if (res_act == Res_act_initial || !ipif->ipif_addr_ready) { 18406 state = ND_UNCHANGED; /* compute in nce_add_common() */ 18407 } else { 18408 state = ND_REACHABLE; 18409 flags |= NCE_F_UNSOL_ADV; 18410 } 18411 18412 retry: 18413 err = nce_lookup_then_add_v4(ill, 18414 bound_ill->ill_phys_addr, bound_ill->ill_phys_addr_length, 18415 addr, flags, state, &nce); 18416 18417 /* 18418 * note that we may encounter EEXIST if we are moving 18419 * the nce as a result of a rebind operation. 18420 */ 18421 switch (err) { 18422 case 0: 18423 ipif->ipif_added_nce = 1; 18424 nce->nce_ipif_cnt++; 18425 break; 18426 case EEXIST: 18427 ip1dbg(("ipif_arp_up: NCE already exists for %s\n", 18428 ill->ill_name)); 18429 if (!NCE_MYADDR(nce->nce_common)) { 18430 /* 18431 * A leftover nce from before this address 18432 * existed 18433 */ 18434 ncec_delete(nce->nce_common); 18435 nce_refrele(nce); 18436 nce = NULL; 18437 goto retry; 18438 } 18439 if ((ipif->ipif_flags & IPIF_POINTOPOINT) == 0) { 18440 nce_refrele(nce); 18441 nce = NULL; 18442 ip1dbg(("ipif_arp_up: NCE already exists " 18443 "for %s:%u\n", ill->ill_name, 18444 ipif->ipif_id)); 18445 goto arp_up_done; 18446 } 18447 /* 18448 * Duplicate local addresses are permissible for 18449 * IPIF_POINTOPOINT interfaces which will get marked 18450 * IPIF_UNNUMBERED later in 18451 * ip_addr_availability_check(). 18452 * 18453 * The nce_ipif_cnt field tracks the number of 18454 * ipifs that have nce_addr as their local address. 18455 */ 18456 ipif->ipif_addr_ready = 1; 18457 ipif->ipif_added_nce = 1; 18458 nce->nce_ipif_cnt++; 18459 err = 0; 18460 break; 18461 default: 18462 ASSERT(nce == NULL); 18463 goto arp_up_done; 18464 } 18465 if (arp_no_defense) { 18466 if ((ipif->ipif_flags & IPIF_UP) && 18467 !ipif->ipif_addr_ready) 18468 ipif_up_notify(ipif); 18469 ipif->ipif_addr_ready = 1; 18470 } 18471 } else { 18472 /* zero address. nothing to publish */ 18473 ipif->ipif_addr_ready = 1; 18474 } 18475 if (nce != NULL) 18476 nce_refrele(nce); 18477 arp_up_done: 18478 if (added_ipif && err != 0) 18479 ipmp_illgrp_del_ipif(ill->ill_grp, ipif); 18480 return (err); 18481 } 18482 18483 int 18484 ipif_arp_up(ipif_t *ipif, enum ip_resolver_action res_act, boolean_t was_dup) 18485 { 18486 int err = 0; 18487 ill_t *ill = ipif->ipif_ill; 18488 boolean_t first_interface, wait_for_dlpi = B_FALSE; 18489 18490 DTRACE_PROBE3(ipif__downup, char *, "ipif_arp_up", 18491 ill_t *, ill, ipif_t *, ipif); 18492 18493 /* 18494 * need to bring up ARP or setup mcast mapping only 18495 * when the first interface is coming UP. 18496 */ 18497 first_interface = (ill->ill_ipif_up_count == 0 && 18498 ill->ill_ipif_dup_count == 0 && !was_dup); 18499 18500 if (res_act == Res_act_initial && first_interface) { 18501 /* 18502 * Send ATTACH + BIND 18503 */ 18504 err = arp_ll_up(ill); 18505 if (err != EINPROGRESS && err != 0) 18506 return (err); 18507 18508 /* 18509 * Add NCE for local address. Start DAD. 18510 * we'll wait to hear that DAD has finished 18511 * before using the interface. 18512 */ 18513 if (err == EINPROGRESS) 18514 wait_for_dlpi = B_TRUE; 18515 } 18516 18517 if (!wait_for_dlpi) 18518 (void) ipif_arp_up_done_tail(ipif, res_act); 18519 18520 return (!wait_for_dlpi ? 0 : EINPROGRESS); 18521 } 18522 18523 /* 18524 * Finish processing of "arp_up" after all the DLPI message 18525 * exchanges have completed between arp and the driver. 18526 */ 18527 void 18528 arp_bringup_done(ill_t *ill, int err) 18529 { 18530 mblk_t *mp1; 18531 ipif_t *ipif; 18532 conn_t *connp = NULL; 18533 ipsq_t *ipsq; 18534 queue_t *q; 18535 18536 ip1dbg(("arp_bringup_done(%s)\n", ill->ill_name)); 18537 18538 ASSERT(IAM_WRITER_ILL(ill)); 18539 18540 ipsq = ill->ill_phyint->phyint_ipsq; 18541 ipif = ipsq->ipsq_xop->ipx_pending_ipif; 18542 mp1 = ipsq_pending_mp_get(ipsq, &connp); 18543 ASSERT(!((mp1 != NULL) ^ (ipif != NULL))); 18544 if (mp1 == NULL) /* bringup was aborted by the user */ 18545 return; 18546 18547 /* 18548 * If an IOCTL is waiting on this (ipsq_current_ioctl != 0), then we 18549 * must have an associated conn_t. Otherwise, we're bringing this 18550 * interface back up as part of handling an asynchronous event (e.g., 18551 * physical address change). 18552 */ 18553 if (ipsq->ipsq_xop->ipx_current_ioctl != 0) { 18554 ASSERT(connp != NULL); 18555 q = CONNP_TO_WQ(connp); 18556 } else { 18557 ASSERT(connp == NULL); 18558 q = ill->ill_rq; 18559 } 18560 if (err == 0) { 18561 if (ipif->ipif_isv6) { 18562 if ((err = ipif_up_done_v6(ipif)) != 0) 18563 ip0dbg(("arp_bringup_done: init failed\n")); 18564 } else { 18565 err = ipif_arp_up_done_tail(ipif, Res_act_initial); 18566 if (err != 0 || 18567 (err = ipif_up_done(ipif)) != 0) { 18568 ip0dbg(("arp_bringup_done: " 18569 "init failed err %x\n", err)); 18570 (void) ipif_arp_down(ipif); 18571 } 18572 18573 } 18574 } else { 18575 ip0dbg(("arp_bringup_done: DL_BIND_REQ failed\n")); 18576 } 18577 18578 if ((err == 0) && (ill->ill_up_ipifs)) { 18579 err = ill_up_ipifs(ill, q, mp1); 18580 if (err == EINPROGRESS) 18581 return; 18582 } 18583 18584 /* 18585 * If we have a moved ipif to bring up, and everything has succeeded 18586 * to this point, bring it up on the IPMP ill. Otherwise, leave it 18587 * down -- the admin can try to bring it up by hand if need be. 18588 */ 18589 if (ill->ill_move_ipif != NULL) { 18590 ipif = ill->ill_move_ipif; 18591 ip1dbg(("bringing up ipif %p on ill %s\n", (void *)ipif, 18592 ipif->ipif_ill->ill_name)); 18593 ill->ill_move_ipif = NULL; 18594 if (err == 0) { 18595 err = ipif_up(ipif, q, mp1); 18596 if (err == EINPROGRESS) 18597 return; 18598 } 18599 } 18600 18601 /* 18602 * The operation must complete without EINPROGRESS since 18603 * ipsq_pending_mp_get() has removed the mblk from ipsq_pending_mp. 18604 * Otherwise, the operation will be stuck forever in the ipsq. 18605 */ 18606 ASSERT(err != EINPROGRESS); 18607 if (ipsq->ipsq_xop->ipx_current_ioctl != 0) { 18608 DTRACE_PROBE4(ipif__ioctl, char *, "arp_bringup_done finish", 18609 int, ipsq->ipsq_xop->ipx_current_ioctl, 18610 ill_t *, ill, ipif_t *, ipif); 18611 ip_ioctl_finish(q, mp1, err, NO_COPYOUT, ipsq); 18612 } else { 18613 ipsq_current_finish(ipsq); 18614 } 18615 } 18616 18617 /* 18618 * Finish processing of arp replumb after all the DLPI message 18619 * exchanges have completed between arp and the driver. 18620 */ 18621 void 18622 arp_replumb_done(ill_t *ill, int err) 18623 { 18624 mblk_t *mp1; 18625 ipif_t *ipif; 18626 conn_t *connp = NULL; 18627 ipsq_t *ipsq; 18628 queue_t *q; 18629 18630 ASSERT(IAM_WRITER_ILL(ill)); 18631 18632 ipsq = ill->ill_phyint->phyint_ipsq; 18633 ipif = ipsq->ipsq_xop->ipx_pending_ipif; 18634 mp1 = ipsq_pending_mp_get(ipsq, &connp); 18635 ASSERT(!((mp1 != NULL) ^ (ipif != NULL))); 18636 if (mp1 == NULL) { 18637 ip0dbg(("arp_replumb_done: bringup aborted ioctl %x\n", 18638 ipsq->ipsq_xop->ipx_current_ioctl)); 18639 /* bringup was aborted by the user */ 18640 return; 18641 } 18642 /* 18643 * If an IOCTL is waiting on this (ipsq_current_ioctl != 0), then we 18644 * must have an associated conn_t. Otherwise, we're bringing this 18645 * interface back up as part of handling an asynchronous event (e.g., 18646 * physical address change). 18647 */ 18648 if (ipsq->ipsq_xop->ipx_current_ioctl != 0) { 18649 ASSERT(connp != NULL); 18650 q = CONNP_TO_WQ(connp); 18651 } else { 18652 ASSERT(connp == NULL); 18653 q = ill->ill_rq; 18654 } 18655 if ((err == 0) && (ill->ill_up_ipifs)) { 18656 err = ill_up_ipifs(ill, q, mp1); 18657 if (err == EINPROGRESS) 18658 return; 18659 } 18660 /* 18661 * The operation must complete without EINPROGRESS since 18662 * ipsq_pending_mp_get() has removed the mblk from ipsq_pending_mp. 18663 * Otherwise, the operation will be stuck forever in the ipsq. 18664 */ 18665 ASSERT(err != EINPROGRESS); 18666 if (ipsq->ipsq_xop->ipx_current_ioctl != 0) { 18667 DTRACE_PROBE4(ipif__ioctl, char *, 18668 "arp_replumb_done finish", 18669 int, ipsq->ipsq_xop->ipx_current_ioctl, 18670 ill_t *, ill, ipif_t *, ipif); 18671 ip_ioctl_finish(q, mp1, err, NO_COPYOUT, ipsq); 18672 } else { 18673 ipsq_current_finish(ipsq); 18674 } 18675 } 18676 18677 void 18678 ipif_up_notify(ipif_t *ipif) 18679 { 18680 ip_rts_ifmsg(ipif, RTSQ_DEFAULT); 18681 ip_rts_newaddrmsg(RTM_ADD, 0, ipif, RTSQ_DEFAULT); 18682 sctp_update_ipif(ipif, SCTP_IPIF_UP); 18683 ill_nic_event_dispatch(ipif->ipif_ill, MAP_IPIF_ID(ipif->ipif_id), 18684 NE_LIF_UP, NULL, 0); 18685 } 18686 18687 /* 18688 * ILB ioctl uses cv_wait (such as deleting a rule or adding a server) and 18689 * this assumes the context is cv_wait'able. Hence it shouldnt' be used on 18690 * TPI end points with STREAMS modules pushed above. This is assured by not 18691 * having the IPI_MODOK flag for the ioctl. And IP ensures the ILB ioctl 18692 * never ends up on an ipsq, otherwise we may end up processing the ioctl 18693 * while unwinding from the ispq and that could be a thread from the bottom. 18694 */ 18695 /* ARGSUSED */ 18696 int 18697 ip_sioctl_ilb_cmd(ipif_t *ipif, sin_t *sin, queue_t *q, mblk_t *mp, 18698 ip_ioctl_cmd_t *ipip, void *arg) 18699 { 18700 mblk_t *cmd_mp = mp->b_cont->b_cont; 18701 ilb_cmd_t command = *((ilb_cmd_t *)cmd_mp->b_rptr); 18702 int ret = 0; 18703 int i; 18704 size_t size; 18705 ip_stack_t *ipst; 18706 zoneid_t zoneid; 18707 ilb_stack_t *ilbs; 18708 18709 ipst = CONNQ_TO_IPST(q); 18710 ilbs = ipst->ips_netstack->netstack_ilb; 18711 zoneid = Q_TO_CONN(q)->conn_zoneid; 18712 18713 switch (command) { 18714 case ILB_CREATE_RULE: { 18715 ilb_rule_cmd_t *cmd = (ilb_rule_cmd_t *)cmd_mp->b_rptr; 18716 18717 if (MBLKL(cmd_mp) != sizeof (ilb_rule_cmd_t)) { 18718 ret = EINVAL; 18719 break; 18720 } 18721 18722 ret = ilb_rule_add(ilbs, zoneid, cmd); 18723 break; 18724 } 18725 case ILB_DESTROY_RULE: 18726 case ILB_ENABLE_RULE: 18727 case ILB_DISABLE_RULE: { 18728 ilb_name_cmd_t *cmd = (ilb_name_cmd_t *)cmd_mp->b_rptr; 18729 18730 if (MBLKL(cmd_mp) != sizeof (ilb_name_cmd_t)) { 18731 ret = EINVAL; 18732 break; 18733 } 18734 18735 if (cmd->flags & ILB_RULE_ALLRULES) { 18736 if (command == ILB_DESTROY_RULE) { 18737 ilb_rule_del_all(ilbs, zoneid); 18738 break; 18739 } else if (command == ILB_ENABLE_RULE) { 18740 ilb_rule_enable_all(ilbs, zoneid); 18741 break; 18742 } else if (command == ILB_DISABLE_RULE) { 18743 ilb_rule_disable_all(ilbs, zoneid); 18744 break; 18745 } 18746 } else { 18747 if (command == ILB_DESTROY_RULE) { 18748 ret = ilb_rule_del(ilbs, zoneid, cmd->name); 18749 } else if (command == ILB_ENABLE_RULE) { 18750 ret = ilb_rule_enable(ilbs, zoneid, cmd->name, 18751 NULL); 18752 } else if (command == ILB_DISABLE_RULE) { 18753 ret = ilb_rule_disable(ilbs, zoneid, cmd->name, 18754 NULL); 18755 } 18756 } 18757 break; 18758 } 18759 case ILB_NUM_RULES: { 18760 ilb_num_rules_cmd_t *cmd; 18761 18762 if (MBLKL(cmd_mp) != sizeof (ilb_num_rules_cmd_t)) { 18763 ret = EINVAL; 18764 break; 18765 } 18766 cmd = (ilb_num_rules_cmd_t *)cmd_mp->b_rptr; 18767 ilb_get_num_rules(ilbs, zoneid, &(cmd->num)); 18768 break; 18769 } 18770 case ILB_RULE_NAMES: { 18771 ilb_rule_names_cmd_t *cmd; 18772 18773 cmd = (ilb_rule_names_cmd_t *)cmd_mp->b_rptr; 18774 if (MBLKL(cmd_mp) < sizeof (ilb_rule_names_cmd_t) || 18775 cmd->num_names == 0) { 18776 ret = EINVAL; 18777 break; 18778 } 18779 size = cmd->num_names * ILB_RULE_NAMESZ; 18780 if (cmd_mp->b_rptr + offsetof(ilb_rule_names_cmd_t, buf) + 18781 size != cmd_mp->b_wptr) { 18782 ret = EINVAL; 18783 break; 18784 } 18785 ilb_get_rulenames(ilbs, zoneid, &cmd->num_names, cmd->buf); 18786 break; 18787 } 18788 case ILB_NUM_SERVERS: { 18789 ilb_num_servers_cmd_t *cmd; 18790 18791 if (MBLKL(cmd_mp) != sizeof (ilb_num_servers_cmd_t)) { 18792 ret = EINVAL; 18793 break; 18794 } 18795 cmd = (ilb_num_servers_cmd_t *)cmd_mp->b_rptr; 18796 ret = ilb_get_num_servers(ilbs, zoneid, cmd->name, 18797 &(cmd->num)); 18798 break; 18799 } 18800 case ILB_LIST_RULE: { 18801 ilb_rule_cmd_t *cmd = (ilb_rule_cmd_t *)cmd_mp->b_rptr; 18802 18803 if (MBLKL(cmd_mp) != sizeof (ilb_rule_cmd_t)) { 18804 ret = EINVAL; 18805 break; 18806 } 18807 ret = ilb_rule_list(ilbs, zoneid, cmd); 18808 break; 18809 } 18810 case ILB_LIST_SERVERS: { 18811 ilb_servers_info_cmd_t *cmd; 18812 18813 cmd = (ilb_servers_info_cmd_t *)cmd_mp->b_rptr; 18814 if (MBLKL(cmd_mp) < sizeof (ilb_servers_info_cmd_t) || 18815 cmd->num_servers == 0) { 18816 ret = EINVAL; 18817 break; 18818 } 18819 size = cmd->num_servers * sizeof (ilb_server_info_t); 18820 if (cmd_mp->b_rptr + offsetof(ilb_servers_info_cmd_t, servers) + 18821 size != cmd_mp->b_wptr) { 18822 ret = EINVAL; 18823 break; 18824 } 18825 18826 ret = ilb_get_servers(ilbs, zoneid, cmd->name, cmd->servers, 18827 &cmd->num_servers); 18828 break; 18829 } 18830 case ILB_ADD_SERVERS: { 18831 ilb_servers_info_cmd_t *cmd; 18832 ilb_rule_t *rule; 18833 18834 cmd = (ilb_servers_info_cmd_t *)cmd_mp->b_rptr; 18835 if (MBLKL(cmd_mp) < sizeof (ilb_servers_info_cmd_t)) { 18836 ret = EINVAL; 18837 break; 18838 } 18839 size = cmd->num_servers * sizeof (ilb_server_info_t); 18840 if (cmd_mp->b_rptr + offsetof(ilb_servers_info_cmd_t, servers) + 18841 size != cmd_mp->b_wptr) { 18842 ret = EINVAL; 18843 break; 18844 } 18845 rule = ilb_find_rule(ilbs, zoneid, cmd->name, &ret); 18846 if (rule == NULL) { 18847 ASSERT(ret != 0); 18848 break; 18849 } 18850 for (i = 0; i < cmd->num_servers; i++) { 18851 ilb_server_info_t *s; 18852 18853 s = &cmd->servers[i]; 18854 s->err = ilb_server_add(ilbs, rule, s); 18855 } 18856 ILB_RULE_REFRELE(rule); 18857 break; 18858 } 18859 case ILB_DEL_SERVERS: 18860 case ILB_ENABLE_SERVERS: 18861 case ILB_DISABLE_SERVERS: { 18862 ilb_servers_cmd_t *cmd; 18863 ilb_rule_t *rule; 18864 int (*f)(); 18865 18866 cmd = (ilb_servers_cmd_t *)cmd_mp->b_rptr; 18867 if (MBLKL(cmd_mp) < sizeof (ilb_servers_cmd_t)) { 18868 ret = EINVAL; 18869 break; 18870 } 18871 size = cmd->num_servers * sizeof (ilb_server_arg_t); 18872 if (cmd_mp->b_rptr + offsetof(ilb_servers_cmd_t, servers) + 18873 size != cmd_mp->b_wptr) { 18874 ret = EINVAL; 18875 break; 18876 } 18877 18878 if (command == ILB_DEL_SERVERS) 18879 f = ilb_server_del; 18880 else if (command == ILB_ENABLE_SERVERS) 18881 f = ilb_server_enable; 18882 else if (command == ILB_DISABLE_SERVERS) 18883 f = ilb_server_disable; 18884 18885 rule = ilb_find_rule(ilbs, zoneid, cmd->name, &ret); 18886 if (rule == NULL) { 18887 ASSERT(ret != 0); 18888 break; 18889 } 18890 18891 for (i = 0; i < cmd->num_servers; i++) { 18892 ilb_server_arg_t *s; 18893 18894 s = &cmd->servers[i]; 18895 s->err = f(ilbs, zoneid, NULL, rule, &s->addr); 18896 } 18897 ILB_RULE_REFRELE(rule); 18898 break; 18899 } 18900 case ILB_LIST_NAT_TABLE: { 18901 ilb_list_nat_cmd_t *cmd; 18902 18903 cmd = (ilb_list_nat_cmd_t *)cmd_mp->b_rptr; 18904 if (MBLKL(cmd_mp) < sizeof (ilb_list_nat_cmd_t)) { 18905 ret = EINVAL; 18906 break; 18907 } 18908 size = cmd->num_nat * sizeof (ilb_nat_entry_t); 18909 if (cmd_mp->b_rptr + offsetof(ilb_list_nat_cmd_t, entries) + 18910 size != cmd_mp->b_wptr) { 18911 ret = EINVAL; 18912 break; 18913 } 18914 18915 ret = ilb_list_nat(ilbs, zoneid, cmd->entries, &cmd->num_nat, 18916 &cmd->flags); 18917 break; 18918 } 18919 case ILB_LIST_STICKY_TABLE: { 18920 ilb_list_sticky_cmd_t *cmd; 18921 18922 cmd = (ilb_list_sticky_cmd_t *)cmd_mp->b_rptr; 18923 if (MBLKL(cmd_mp) < sizeof (ilb_list_sticky_cmd_t)) { 18924 ret = EINVAL; 18925 break; 18926 } 18927 size = cmd->num_sticky * sizeof (ilb_sticky_entry_t); 18928 if (cmd_mp->b_rptr + offsetof(ilb_list_sticky_cmd_t, entries) + 18929 size != cmd_mp->b_wptr) { 18930 ret = EINVAL; 18931 break; 18932 } 18933 18934 ret = ilb_list_sticky(ilbs, zoneid, cmd->entries, 18935 &cmd->num_sticky, &cmd->flags); 18936 break; 18937 } 18938 default: 18939 ret = EINVAL; 18940 break; 18941 } 18942 done: 18943 return (ret); 18944 } 18945 18946 /* Remove all cache entries for this logical interface */ 18947 void 18948 ipif_nce_down(ipif_t *ipif) 18949 { 18950 ill_t *ill = ipif->ipif_ill; 18951 nce_t *nce; 18952 18953 DTRACE_PROBE3(ipif__downup, char *, "ipif_nce_down", 18954 ill_t *, ill, ipif_t *, ipif); 18955 if (ipif->ipif_added_nce) { 18956 if (ipif->ipif_isv6) 18957 nce = nce_lookup_v6(ill, &ipif->ipif_v6lcl_addr); 18958 else 18959 nce = nce_lookup_v4(ill, &ipif->ipif_lcl_addr); 18960 if (nce != NULL) { 18961 if (--nce->nce_ipif_cnt == 0) 18962 ncec_delete(nce->nce_common); 18963 ipif->ipif_added_nce = 0; 18964 nce_refrele(nce); 18965 } else { 18966 /* 18967 * nce may already be NULL because it was already 18968 * flushed, e.g., due to a call to nce_flush 18969 */ 18970 ipif->ipif_added_nce = 0; 18971 } 18972 } 18973 /* 18974 * Make IPMP aware of the deleted data address. 18975 */ 18976 if (IS_IPMP(ill)) 18977 ipmp_illgrp_del_ipif(ill->ill_grp, ipif); 18978 18979 /* 18980 * Remove all other nces dependent on this ill when the last ipif 18981 * is going away. 18982 */ 18983 if (ill->ill_ipif_up_count == 0) { 18984 ncec_walk(ill, (pfi_t)ncec_delete_per_ill, 18985 (uchar_t *)ill, ill->ill_ipst); 18986 if (IS_UNDER_IPMP(ill)) 18987 nce_flush(ill, B_TRUE); 18988 } 18989 } 18990 18991 /* 18992 * find the first interface that uses usill for its source address. 18993 */ 18994 ill_t * 18995 ill_lookup_usesrc(ill_t *usill) 18996 { 18997 ip_stack_t *ipst = usill->ill_ipst; 18998 ill_t *ill; 18999 19000 ASSERT(usill != NULL); 19001 19002 /* ill_g_usesrc_lock protects ill_usesrc_grp_next */ 19003 rw_enter(&ipst->ips_ill_g_usesrc_lock, RW_WRITER); 19004 rw_enter(&ipst->ips_ill_g_lock, RW_READER); 19005 for (ill = usill->ill_usesrc_grp_next; ill != NULL && ill != usill; 19006 ill = ill->ill_usesrc_grp_next) { 19007 if (!IS_UNDER_IPMP(ill) && (ill->ill_flags & ILLF_MULTICAST) && 19008 !ILL_IS_CONDEMNED(ill)) { 19009 ill_refhold(ill); 19010 break; 19011 } 19012 } 19013 rw_exit(&ipst->ips_ill_g_lock); 19014 rw_exit(&ipst->ips_ill_g_usesrc_lock); 19015 return (ill); 19016 } 19017